Applied Cryptography in E-mail Services and Web Services

Data Encryption Standard (DES) and Triple-DES

In 1973, National Institute of Standards and Technology (NIST, previously NBS) solicited proposals for a government-wide standard for encryption and decryption. Based on the IBM Lucifer cipher (developed by 1973Feistel and his colleagues in 1973! and 1974), DES was accepted as an official Federal Information Processing Standard (FIPS) for the U.S. in 1976, later widespread internationally. Many later ciphers, including RC5, Blowfish and CAST5, were designed based on DES. DES is basically an iterative symmetric key algorithm that uses a relatively short key with only 56 binary bits in length. In each of its 16 rounds, DES takes a 64-bit data block and a 48-bit sub-key as the inputs and goes through a series of steps including expansion, Substitution Boxes (S-Boxes) and Permutation Boxes (P-Boxes) resulting 64-bit output. Everything except the S-Boxes in DES is linear. Due to short key length of DES, Triple-DES or 3DES was introduced to increase the key length to 112-bit in EDE mode and 168-bit in EEE mode. DES and 3DES had been the most popular symmetric key block ciphers before the emergence of AES.

DES has eight different S-boxes, each of which maps a 6-bit input to a 4-bit output. The first bit and the last bit of the 6-bit input of an S-box form the binary row indexes and the rest 4-bit of the input forms the column indexes of a single S-box conversion table. The table then has the dimension of 4 (00 to 11) rows by 16 (0000 to 1111) columns and the 64 intersections show the possible values of the 4-bit output. Each possible 4-bit output value has 4 occurrences among the intersections. Therefore, a specific 6-bit input value points to a specific intersection and output value. On the other hand, a unique output value does not help find the input value due to the 4 occurrences.