0x01 Data encryption standard DES Introduce

Data encryption standard （Data Encryption Standard）（DES） Is a symmetric key algorithm for encrypting digital data . The key length is 56 position , The security is not strong , But it has great influence in the progress of cryptography .

0x02 History of data encryption standards

Data encryption standard DES On 1970 In the early s IBM Development , By the National Bureau of standards of the United States (NBS, That is, the current national standards and Technology Association NIST) Turn on , stay 1972 in , At that time, the US National Bureau of standards' research on US government computer security found that a government wide standard was needed to encrypt unclassified sensitive information .

be based on Horst Feistel The early design of , National Bureau of standards (NBS) The invitation is submitted to the protection sensitive 、 Candidates for unclassified e-government data .

1973 year ,NBS Solicited a password scheme that meets strict design standards , But the requirements have not been met .1974 year ,IBM submitted 1973-1974 Years are based on early algorithms Horst Feistel Of Lucifer Password development password .

DES stay 1976 year 11 Approved as a federal standard , With the national security agency (NSA) After negotiation ,NBS Selected a slightly modified version （ Enhanced for differential cryptanalysis , But weakened against violent attacks ）, As an official federal information processing standard (FIPS) Release 1977 In the United States .

0x03 Data encryption standard DES working principle

Data encryption standard DES Block encryption algorithm , It uses a fixed length plaintext bit string , Press 64 Bit block length encrypts data in blocks , The algorithm divides the data into 64 Block in units , hold 64 Bit plaintext as DES The input of , produce 64 Bit ciphertext output .

DES Symmetric encryption algorithm , That is, encryption and decryption use the same algorithm and key .

The key is ostensibly composed of 64 A composition , Actually used 56 position ,8 Bits are only used to check parity and are discarded .

Same as other block ciphers ,DES It is not a secure encryption method in itself , Instead, it must be used in an operating mode . Decryption uses the same structure as encryption , But the keys used are in the reverse order .

As can be seen from the figure above , It's been through 16 The same stage , Also known as rounds . Before we start , Through the first IP, Will be 64 The bits are divided into two 32 position , And alternate .Feistel Structure ensures that decryption and encryption are very similar processes —— The only difference is that the subkeys are applied in the reverse order when decrypting , The rest of the algorithm is the same , It simplifies the complicated implementation process .

In the picture ⊕ The symbol represents XOR (XOR)

F The function scrambles half a block with some keys . And then F The output of the function is combined with the other half of the block , And swap the two halves before the next round . After the last round , Swap two halves ; This is a Feistel A feature of the structure , It makes the encryption and decryption process similar .

Feistel (F) function

• Expand ： Use extended displacement , By copying half bits , take 32 The bit half block is extended to 48 position . Output by 8 individual 6 position （8 × 6 = 48 position ） Fragment composition , Each clip contains 4 Copies of corresponding input bits , And a copy from each input segment to the nearest neighbor on either side .
• Key mixing ： Use ⊕（XOR） The operation combines the result with the subkey .16 individual 48 Place the key （ One in each round ） Is derived from the master key using key scheduling .
• Replace ： After mixing in the sub key , The block is being S Boxes or replacement boxes are divided into 8 individual 6 Bit block . According to the nonlinear transformation provided in the form of a look-up table ,8 individual S Each of the boxes will be 6 Input bits are replaced by 4 Output bits .
  S-box Provides DES The core of security —— Without them , The password will be linear , And it's easy to crack .
• array ： Last , come from S-box Of 32 The outputs are arranged in a fixed order P-box Rearrange . After the arrangement , Each in this round S-box The output bits are distributed in four different... In the next round S-box in .

S-box（substitution box） Also called “ Password replacement box ”, Used to improve the safety factor

References:
https://en.wikipedia.org/