Article directory
-
- 1. What is DES
- 2. The basic concept of DES
- 3. DES encryption process
- 4. Detailed explanation of DES algorithm steps
- 5. Advantages and disadvantages of DES
- 6. DES attack method
- 7、3DES(Triple DES)
- 8. Python implements DES
1. What is DES
DES (Data Encryption Standard) is a symmetric encryption algorithm. It was developed by IBM in the early 1970s. It is designed to provide a high degree of data security and performance, and can be implemented on a variety of hardware and software platforms.
2. The basic concept of DES
DES uses a 56-bit key and a 64-bit plaintext block for encryption. The packet size of the DES algorithm is 64 bits. Therefore, if the length of the plaintext to be encrypted is less than 64 bits , it needs to be filled ; if the length of the plaintext exceeds 64 bits , it is necessary to use the packet mode for packet encryption .
Although the packet size of the DES algorithm is 64 bits, because the key length of the DES algorithm is only 56 bits, the DES algorithm has weaknesses and is vulnerable to threats such as brute force cracking and differential attacks. Therefore, in practical applications, the DES algorithm is no longer widely used, but is replaced by a more secure algorithm, such as the AES algorithm.
Although DES has been superseded, it still holds great significance in the history of cryptography. DES can help us understand the basic concepts and operating principles of symmetric key encryption algorithms.
3. DES encryption process
When a piece of 64-bit data is input, DES will encrypt it through the following steps. In Part 4, we explain each process in detail.
-
1. Initial replacement (IP replacement): The input 64-bit plaintext block is replaced and rearranged to generate a new 64-bit data block.
-
2. Encryption rounds: DES encryption algorithm has 16 rounds in total, and each round includes four steps:
-
a. Divide the 64-bit data block into two left and right 32-bit blocks.
-
b. The 32-bit block on the right is used as input, and a 48-bit data block is generated through operations such as expansion, XOR, and replacement. This 48-bit data block is called a "round key", which is a subkey generated from the master key of the encryption algorithm.
-
c. XOR the left 32-bit block with the round key, and the result is the new right 32-bit block.
-
d. Connect the right 32-bit block with the original left 32-bit block to generate a new 64-bit data block as the input for the next round.
-
-
3 Final permutation (FP permutation): After the last round is completed, the encrypted data blocks are permuted and rearranged to obtain the encrypted 64-bit ciphertext.
In general, the process of DES encryption is to divide the plaintext into several small blocks through a series of operations such as permutation, XOR, and expansion, and then generate a series of round keys according to the master key, and use the round key to pair each Small blocks are encrypted, and finally the encrypted results are reassembled into a whole to obtain the ciphertext.
4. Detailed explanation of DES algorithm steps
4.1 Initial Permutation (Initial Permutation, IP replacement)
IP replacement is to replace and rearrange the input 64-bit plaintext block to generate a new 64-bit data block.
Purpose : To increase the degree of confusion in the encryption, so that each bit in the plaintext can affect the subsequent encryption process and improve the encryption strength.
We will place the 64 bits in the order specified in the table below, and the numbers in the figure are the index positions of each bit in the 64-bit plaintext. Note that in DES, this placement rule is fixed .
That is, the data originally located at the 58th position is placed at the first position, the element originally at the 50th position is placed at the second position, the 42nd element is placed at the third position, 34->4 and so on...
The reverse permutation (Final Permutation, FP permutation) of the initial permutation is to permutate and rearrange the encrypted data blocks to obtain the final encryption result, which corresponds to the initial permutation.
4.2 Encryption rounds
After the initial permutation is completed, the plaintext is divided into left and right parts of the same length (32 bits), denoted as L0, R0. Next, 16 rounds of encryption will be performed.
Let's look at it from a single round. First focus on R0 here.
The right half R0 will be used as the input of the left half L1 of the next round. Secondly, R0 will be filled to 48 bits and the 48-bit K0 generated in this round (we will talk about the generation of K0 soon) will be input into the F round function. The output result of the F function is 32 bits, and the result F(R0,K0)will be L0XORed and used as the input of the right half of R1 in the next round.
By analogy, 16 rounds of operations are repeated. Therefore, the process described above can be expressed by the following formula.
4.3 F round function
We mentioned that in each round of encryption, R and K will be input into F, and then we will see what processing is done in the F function.
4.3.1 Extending R to 48 bits
Extend the right half of the 32-bit R0 to obtain a 48-bit data block. Similarly, data expansion is also based on a fixed permutation table. The red box is the data we want to fill.
It can be seen that each bit of the expansion process is extracted from the input 32-bit data block according to the above-mentioned permutation table. The 32nd bit of the original data is added to the first of the newly added column, the 5th bit is added to the first of the second added column, and so on...
4.3.2 Generation of subkey K
The DES algorithm adopts the method of each round of sub-key generation to increase the complexity and security of the key. Each round of sub-keys is generated by the master key (64 bits) through the Key Schedule Algorithm. The key scheduling algorithm of the DES algorithm can divide the 64-bit master key into 16 sub-keys, and each sub-key is 48 bits, which is used for XOR operation with the input data in each round of encryption.
Look at the whole process through the flowchart of subkey generation.
-
1. After the 64-bit master key is replaced with 1 (Permuted Choice 1 is abbreviated as PC-1), 56 bits are output, and it is divided into two left and right 28-bit data blocks, which are respectively recorded as C0 and D0. Like the permutation rules we mentioned above, the PC-1 permutation function is also a fixed permutation table.
It can be seen from the permutation table of PC-1 that the discarded 8-bit data is the last bit of every 8-bit data in the original data , which is the well-known parity bit. These 8 bits are discarded because they do not contribute to the security of the key, and can make the calculation of the DES algorithm faster. -
2. Carry out circular left shift operation on C0 and D0. C1 and D1 are generated after the circular left shift is completed. Therefore, 16 32-bit data blocks C1-C16 and D1-D16 will be obtained in 16 rounds of calculation. There are also fixed rules for cyclic left shifting in DES .
For i=1, 2, ..., 16, for Ci and Di, if i is 1, 2, 9 or 16, then rotate left one bit, otherwise rotate left two bits.
-
3. For C1 and D1, after permutation choice 2 (Permuted Choice 2 abbreviation PC-2), a 48-bit sub-key K1 is obtained, which is used for XOR operation with the input data in each round of encryption. The input of the PC-2 permutation is the 56-bit key generated by the PC-1 permutation, and its output is the 48-bit subkey. The PC-2 permutation rearranges the 56-bit key, discards 8 bits and selects 48 of them as subkeys. The replacement rules for PC-2 are as follows:
| 14 | 17 | 11 | 24 | 1 | 5 |
|---|---|---|---|---|---|
| 3 | 28 | 15 | 6 | 21 | 10 |
| 23 | 19 | 12 | 4 | 26 | 8 |
| 16 | 7 | 27 | 20 | 13 | 2 |
| 41 | 52 | 31 | 37 | 47 | 55 |
| 30 | 40 | 51 | 45 | 33 | 48 |
| 44 | 49 | 39 | 56 | 34 | 53 |
| 46 | 42 | 50 | 36 | 29 | 32 |
That is, the first line of the PC-2 permutation table indicates that bits 14, 17, 11, 24, 1, and 5 of the input key are selected and used as the first 6 bits of the output subkey. And so on...
- 4. So far, the result after PC-2 is the subkey K1 of our current round. During the entire DES encryption process, 16 48-bit subkeys K1-K16 will be generated, which are used in the 16 rounds of encryption in the DES algorithm, so as to ensure that the keys used in each round of encryption are different, increasing the difficulty of cracking .
4.3.3 Exclusive OR operation between the subkey of the current round and the expanded 48-bit R
Exclusive OR operation is performed on the subkey Ki of the current round and the extended 48-bit Ri. The result of the operation will be used as the input for the next S-box replacement
4.3.4 Substitution Box substitution
S-box substitution (Substitution Box substitution) is an encryption technique widely used in cryptography. It is the process of mapping a set of bits in plaintext to a set of bits in ciphertext, which is used to enhance the security of ciphers. The S-box replacement in DES is used to map the 48-bit result of the last round of XOR operation to the 32-bit output.
Similarly, the S-box is also a permutation table. The S boxes are different in each round of DES calculations. Here I take the S box in the first round of calculation as an example. From the figure above, we can see that there are 8 S blocks inside the S box, marked as S1-S8. Each S-block will receive a 6-bit character as input and output a four-bit character. Here we take the first S box S1 as an example. It is a 4*16 permutation table.
| 14 | 4 | 13 | 1 | 2 | 15 | 11 | 8 | 3 | 10 | 6 | 12 | 5 | 9 | 0 | 7 |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 0 | 15 | 7 | 4 | 14 | 2 | 13 | 1 | 10 | 6 | 12 | 11 | 9 | 5 | 3 | 8 |
| 4 | 1 | 14 | 8 | 13 | 6 | 2 | 11 | 15 | 12 | 9 | 7 | 3 | 10 | 5 | 0 |
| 15 | 12 | 8 | 2 | 4 | 9 | 1 | 7 | 5 | 11 | 3 | 14 | 10 | 0 | 6 | 13 |
For example, input 101010to S1. S1 will take out the first and sixth digits of these six digits 10as the row of S1, and 0101take out the middle four digits as the column of S1. We convert it into decimal. At this time, the position mapped to this S box is the 3rd row and 6th column(2,5) corresponding to the S box (the index starts from 0). So the result of this input is 6, convert 6 to binary 110, the output of the S box is 4 bits, so we have
S(101010)=0110
Therefore, it can be seen that the S-box is actually a nonlinear encryption technology, which can resist many traditional cryptanalysis attacks, such as differential attacks and linear attacks.
4.3.5 P box replacement
The P-box replacement takes the 32-bit output of the S-box replacement as input, and the result of the final F-round function is obtained after the above-mentioned fixed replacement table is replaced.
The result F(R0, K0) is XORed with L0 to get the right half of the next round R1
4.4 Inverse Permutation
After 16 rounds of calculations, DES will perform the last permutation on the final result. is the final output.
5. Advantages and disadvantages of DES
advantage:
- High security: The DES algorithm uses a key for encryption and decryption, and the same plaintext is encrypted with a different key to obtain different ciphertexts. The longer the key, the stronger the encryption.
- The algorithm is simple: the encryption and decryption process of the DES algorithm is not simple, based on symmetric encryption, the same key is used for encryption and decryption.
- Wide application: DES algorithm is one of the earliest and most widely used encryption algorithms. It is widely used in e-commerce, email, virtual private network and other fields, and has wide applicability and portability.
shortcoming:
- Short key length: The DES algorithm uses a 56-bit key. Although it was safe enough at the time, it is not enough to guarantee the security of encryption under the current computer processing power, and it is vulnerable to brute force cracking attacks.
- Unable to resist differential cryptanalysis attack: DES algorithm cannot resist differential cryptanalysis attack, which can analyze the behavior of the encryption algorithm and deduce the key by comparing the ciphertext of the same plaintext.
- Slow: Since the DES algorithm is a block cipher algorithm, it needs to encrypt 64-bit plaintext, the encryption speed is relatively slow, and it is not suitable for real-time encryption and decryption of large amounts of data.
6. DES attack method
Since DES has been around for many years, there are still some old systems that use DES for encryption. Because of its short key length (only 56 bits) and known weaknesses, it is vulnerable to the following attacks.
-
Brute-Force Attack : Due to the short key length of the DES algorithm, it may be attacked by brute force cracking. The attacker can try to crack the ciphertext by enumerating all possible keys. Although the encryption speed of the DES algorithm is relatively slow, modern computers are computationally powerful enough to perform a brute force attack in a reasonable amount of time.
-
Differential Cryptanalysis Attack (Differential Cryptanalysis Attack) : Differential cryptanalysis is a relatively efficient attack method, which can deduce the key by analyzing the difference between plaintext and ciphertext. For the DES algorithm, the attacker can obtain the key by analyzing the difference between different inputs and outputs, as well as the probability of the possible value of the key.
-
Linear Cryptanalysis Attack (Linear Cryptanalysis Attack) : Linear cryptanalysis is a more effective attack method, which can find the key through linear approximation calculation. For the DES algorithm, the attacker can derive the key by constructing some linear approximations and calculating the corresponding probability.
-
Known Plaintext Attack : In a known plaintext attack, an attacker can obtain some known plaintext and corresponding ciphertext, and then use this information to derive a key. For the DES algorithm, the attacker can derive the key by obtaining enough known plaintext and ciphertext.
-
Birthday Attack : A birthday attack is an attack that uses probability to find two different inputs with the same hash value in a relatively short period of time. For the DES algorithm, an attacker can use a birthday attack to find two different keys that can both encrypt the same plaintext.
7、3DES(Triple DES)
We mentioned that DES is currently insecure. Therefore, an algorithm such as 3DES was born to strengthen DES. 3DES, as the name suggests, is to use DES to encrypt 3 times, and use 3 keys to encrypt and decrypt.
Why 3DES is not 2DES
3DES uses three keys and repeats the encryption process of the DES algorithm three times, thus greatly enhancing the security. The key length of 3DES is 168 bits, which is much higher than the 56-bit key length of the DES algorithm and the 112-bit key length of the 2DES algorithm. The time complexity of 2DES brute force cracking is O(2 57 ), and it is still possible to be brute force cracking.
Take an example:
For plaintext P, ciphertext C, and C, K1 is obtained by encrypting E k1 and E k2 twice , and K2 is the key for the first and second encryption respectively.
- Traverse P to the first encrypted K1, there are at most 256 possibilities .
- Since encryption and decryption are the same key. So we can also perform brute force decryption on C to find the key. There are also at most 256 possibilities .
- When we traverse, we can find an E k1 (P)=D k2 (C) and use this key to encrypt and decrypt different plaintext and encrypted results (P', C').
- If successful, the time complexity of this brute force cracking is O(2 57 ). So it's still not safe enough.
8. Python implements DES
Due to the length of the article, if you need the source code, you can go to the wechat official account to follow " A Program Tree ", and reply " DES " to get the source code.