LIVE NEWSROOM · --:-- · May 15, 2026
A LIBRARY FOR SECURITY RESEARCHERS
Algorithm #algorithm #data standard algorithm. #des

Data Encryption Standard (DES) algorithm with diagram

TE Team Ciphers Security · Dec 6, 2022 · 4 min read · 4.2k reads
Post on X LinkedIn
Data Encryption Standard (DES) algorithm with diagram

Hello everyone Lucifer 😉 with a very interesting topic which is the working of the DES algorithm. In this article, we will see how DES works and what are steps in the DES algorithm.

The Data Encryption Standard (DES) is a symmetric-key block cipher published by the National Institute of Standards and Technology (NIST) in 1975 as Federal Information Processing Standards (FIPS) 46 in the Federal Register and standardized in January 1977.

The proposed DES was first published on 17 March 1975 in the Federal Register, and it was approved in 1976 as a Federal Standard.

In DES for encryption, we give input of 64-bit plaintext and create a 64-bit ciphertext. For Decryption, it takes 64-bit ciphertext and creates a 64-bit block of plaintext. The same 56-bit secret key will be used for both encryption and decryption.

// 01 Steps in how the DES algorithm works

Steps in how the DES algorithm works
  1. We give 64-bit plaintext
  2. 64-bit plaintext goes to Initial Permutation (IP)
    • In Initial Permutation there are rearranging of bits and gives an output of 64 bits of text.
  3. Now, the output of IP goes to Round 1 and there is a total of 16 Rounds.
  4. In Round 1 there are two things going, first 64-bit Initial Permutation and 48-bit Initial key.
  5. Then the output of round 1 goes to round 2, then the second round output goes to the third, and so on to round 16.
  6. Now, the output of round 16 goes to the Final Permutation
    • Final permutation- Inverse of initial permutation
  7. The output of the final permutation gives our 64-bits ciphertext

// 02 Logic Behind Initial Key

Steps in how the DES algorithm works
  1. We take 64 bits of key, which is known as the Initial key.
  2. Now, 64 bits’ initial key goes to PC1, which converts into 56 bits.
    • In PC1 there are only 56 bits of key but where 8 bits are gone, the 8 bits are eliminated or discarded.
  3. Now 56-bit PC1 is divided into two parts C0 and D0 which have 28-bits each respectively.
  4. Now, C0 and D0 go to LS (left shift) for shifting bits.
    • Bits shift works on the principle of even or odd rounds if rounds are 1, 2, 9, 16, then it shifts 1 bit if rounds are 3, 4, 5, 6, 7, 8, 10, 11, 12, 13, 14, 15, then it shifts 2 bits.
  5. After the left shift (LS), shifted bits go to C1 and D1
  6. Then C₁ and D₁ go to PC2.
    • But C₁ and D₁ is having 56-bits, and we want only 48-bits, so we wisely choose only 48-bits from 56-bits and leave the rest of them
  7. then 48-bits PC2 goes to round 1.

The whole shifting and the key process will be repeated till round 16. Every time the Input changes to like C₂—C3—- —C16 and D2—-D3— —D16

// 03 A detailed structure of Encryption Rounds

detailed structure of Encryption Rounds DES

The 64-bit IP was further divided into two parts, Left (L) And Right (R) in which both are 32 bits each.

  1. 32-bit right plaintext goes to expansion permutation for converting 32-bits to 48-bits.
  2. Now, 48 bits of expansion permutation and 48 bits of initial key get together for XOR Operation.
  3. Now, the output from the 48-bit XOR operation will be going to the s-box (substitution) and give an output of
    32-bits by eliminating 16-bits.
    • S-Box, we make a total of 8 s-box, all having 6-bit input and giving 4-bit output. So total output is
    8×4=32-bits
  4. Output from S-Box 32-bits goes to permutation and then carried out to the next one.
  5. Now, 32 bits from permutation and 32 bits from left plaintext get together for XOR operation.
  6. Then we got the right plaintext and left plaintext, but the left plaintext is carried from the right plaintext of 32-bits
    from the upper side.

// 04 Advantages and disadvantages of DES

Advantages:

  1. Fast and efficient
  2. Relatively simple to implement
  3. It is well-studied and widely analyzed

Disadvantages:

  1. The short key length makes it vulnerable to brute-force attacks
  2. Vulnerable to certain types of cryptanalytic attacks
  3. No longer considered secure for most applications

// 05 Breaking of DES

StepDescription
1A brute force attack is used to try all possible combinations of keys to decrypt the encrypted message.
2Each key is used to encrypt a known plaintext message and the resulting ciphertext is compared to the original ciphertext.
3If the resulting ciphertext matches the original ciphertext, the key used is the correct key and the message can be decrypted.
4If all possible keys have been tried and no match is found, the DES algorithm has been successfully broken

// 06 Uses of DES

  1. Encrypting sensitive data, such as financial or personal information.
  2. Securely transmitting data over the internet or other communication networks.
  3. Storing encrypted data in databases or other storage systems.
  4. Authenticating users or devices in a networked environment.
  5. Protecting against unauthorized access or tampering with data.
https://youtu.be/n15ra-H6vFg

Related coverage on Ciphers Security

    TE
    Team Ciphers Security

    The Ciphers Security editorial team — practitioners covering daily threat intel, CVE deep-dives, and hands-on cybersecurity research. About us →

    Previous What is the RSA algorithm with example Next Introduction to C language with its basic concept

    Latest News

    YARA-X 1.16.0: Faster Scans, Panic Fixes, and Neovim LSP Support YARA-X 1.16.0 ships with performance improvements across 10 PRs, constant folding for bitwise ops, configurable mat… Instructure Removed from ShinyHunters' Leak Site as Canvas Breach Deadline Passes Instructure was quietly removed from ShinyHunters' extortion site after the May 12, 2026 deadline — no data dump, n… Costa Rica Joins Have I Been Pwned as the 42nd Government Costa Rica's CSIRT gains free access to Have I Been Pwned's government domain monitoring service, becoming the 42nd… LummaC2 Infostealer Targets US Critical Infrastructure: CISA-FBI Advisory AA25-141B and DOJ Domain Seizures CISA and FBI advisory AA25-141B details LummaC2 MaaS infostealer TTPs targeting critical infrastructure. DOJ seized… MacSync Stealer: Hackers Abuse Google Ads and Claude.ai Chats to Push Mac Malware Russian-speaking attackers combine Google Ads and Claude.ai shared chats in a ClickFix campaign deploying MacSync S… JDownloader Site Hacked, Installers Swapped with Python RAT Malware JDownloader's website was hacked May 6–7, 2026, replacing Windows and Linux installers with a Python-based RAT. Use… Operation HookedWing: 4-Year Phishing Campaign Hits 500+ Organizations Across Aviation, Energy, and Logistics Operation HookedWing has stolen credentials from 500+ organizations in aviation, energy, logistics, and critical in… Twelve Critical vm2 Node.js Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution A dozen CVEs in the vm2 Node.js sandbox library — including CVSS 10.0 flaws — allow sandbox escape and RCE. Update …
    Scroll to Top