Cryptography Stack Exchange
Cryptography Stack Exchange

Questions tagged [des]

(or Data Encryption Standard), a (symmetric) block cipher using a 64 bit block size, with keys of size 56 bit, the standard US block cipher from 1976 to 2001.

DES is based on a Feistel network, with a Feistel function composed on expansion (from 32 bit to 48), key-mixing (with a 48 bit subkey), S-boxes and finally a permutation of the 32 bit output.

DES is now considered insecure due to its small key size which allows brute-force attacks.

DES, the Data Encryption Standard, was the standard US block cypher from 1976 until AES came out in 2001. It was delisted in 2004 and withdrawn as a national standard in 2005.

419 questions
30
votes
1 answer

How was the special DES key 0E329232EA6D0D73 found?

The DES key 0E329232EA6D0D73 has the unusual property that decrypting a ciphertext block consisting entirely of zeros gives a plaintext block consisting of eight repetitions of the same byte (0x87). How was this key originally found?
prim
  • 303
  • 3
  • 6
12
votes
2 answers

Why is DES not an ideal cipher?

From Cryptography I on Coursera, Week 2, "Exhaustive Key Search Attacks": Now let's assume that DES is what's called an ideal cipher [...] Of course, DES is not a collection of 2^56 random functions Prof. Boneh doesn't offer any explanation of…
0x00
  • 407
  • 2
  • 8
11
votes
4 answers

Should DES be avoided when developing new systems?

According to wikipedia… DES is now considered to be insecure for many applications However, since it can be broken relatively easy, should it not just be avoided for all applications?
Shiraz Bhaiji
  • 635
  • 1
  • 5
  • 9
9
votes
1 answer

Proof that no DES key makes encryption identity

How can we prove that no DES key makes encryption the identity function? That is: $\;\forall K\in\{0,1\}^{56}\quad\exists M\in\{0,1\}^{64}\quad E_K(M)\ne M$ Note: anyone disproving this proposition would gain instant celebrity, which is a meta-proof…
fgrieu
  • 140,762
  • 12
  • 307
  • 587
9
votes
1 answer

Complement property of DES

I'm supposed to show the complement property of DES ($c=DES(p,k) => \bar c = DES(\bar p, \bar k)$). My idea was to just start the algorithm with $\bar p$ and see what happens (ignoring the initial permutation for now). I looked at it step by step…
stefanbschneider
  • 569
  • 1
  • 7
  • 19
7
votes
1 answer

Brute force attack on DES + property of DES

In a brute force attack on DES, it seems to me that one plaintext-ciphertext pair suffices to launch the attack. (I.e. suppose we are given a message $x$ and a ciphertext $c$ such that $DES_k ( x ) = c$, where the $56$-bit key $k$ is unknown. Then…
Hoang Thao Le
  • 71
  • 1
  • 1
  • 2
5
votes
1 answer

DES key expansion: why are these two descriptions different?

I would like someone to explain me how to generate DES subkeys, because in the documentation that I saw, sometimes they say: "We rotate the initial key according to the number of iterations given by this sequence: 1, 2, 4, 6, 8, 10, 12, 14, 15,…
simonTifo
4
votes
1 answer

DES anti-fixed points for semi-weak keys

I am looking for some "real examples" of anti-fixed points for DES semi-weak keys. As I know, there are $2^{32}$ anti-fixed points for 4 of the 12 semi-weak keys each. One or two examples of these points may help. Anti-fixed points: For 4 of the…
F.Z
  • 43
  • 4
4
votes
1 answer

Security of DES P_BOX

I'm curious about the design of the P_BOX of DES. I found a paper on this topic, but it dates back to 1989. This means the effect of p-box values of the cipher immunity against Differential Cryptanalysis and linear cryptanalyisis is not mentioned…
HSN
  • 203
  • 1
  • 5
4
votes
1 answer

How is the initial permutation of DES created?

I am creating a program in C language with DES (Data Encryption Standard) functionality, but don't know how to apply the initial permutation. Is it achieved by swapping the values? If "yes", then how is the index of the original message created?
abcd
  • 41
  • 1
  • 2
3
votes
3 answers

How was PC2 designed?

I am trying to understand DES. Can anyone explain the table given in one of the answer DES Key Schedule Algorithm. My question is from where the first entry of Ks comes from. i.e 15 18 12 25 2 etc Bit 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15…
Sadiqa Ilyas
  • 41
  • 2
3
votes
1 answer

DES 48-bit round keys replaced with 48-bit block keys

In a variant of DES with a 48*16 = 768-bit key, the sixteen 48-bit round keys scheduled for successive rounds in the encryption process for DES are replaced in this variant by successive 48-bit blocks of the 768-bit key. What are the weak keys for…
avishar
  • 43
  • 3
3
votes
3 answers

DES strength and weakness

I'm looking to discover what DES's Strengths and Weaknesses are. I understand that DES is a block fiestel cipher operating on 64 bit blocks and 56 bit keys (after deduction of 8 bits). And I realise that DES is weak against Brute force in this day…
joemobaggins
  • 63
  • 1
  • 1
  • 3
3
votes
1 answer

DES algorithm exhaustive key search 2^55 instead of 2^56

How is it possible to do an exhaustive key search (DES algorithm) and only search for 2^55 instead of 2^56 keys ? This is a slide from my course if this helps you. I don't understand it.
dimitris93
  • 131
  • 3
3
votes
0 answers

Delinearization in whitebox techniques

I'm reading through Chow et al.'s paper and Link et al.'s paper. There's a part I don't understand about Delinearization. They convert some steps of AES/DES into a Matrix, then divide the matrix in 8x4 matrices and use look up tables to do the…
David 天宇 Wong
  • 1,535
  • 11
  • 26
1
2 3 4