Ciphers Security

Data Encryption Standard (DES) algorithm with diagram

Data Encryption Standard (DES) algorithm with diagram

Hello everyone Lucifer 😉 with a very interesting topic which is the working of the DES algorithm. In this article, we will see how DES works and what are steps in the DES algorithm.

The Data Encryption Standard (DES) is a symmetric-key block cipher published by the National Institute of Standards and Technology (NIST) in 1975 as Federal Information Processing Standards (FIPS) 46 in the Federal Register and standardized in January 1977.

The proposed DES was first published on 17 March 1975 in the Federal Register, and it was approved in 1976 as a Federal Standard.

In DES for encryption, we give input of 64-bit plaintext and create a 64-bit ciphertext. For Decryption, it takes 64-bit ciphertext and creates a 64-bit block of plaintext. The same 56-bit secret key will be used for both encryption and decryption.

Steps in how the DES algorithm works

Steps in how the DES algorithm works
  1. We give 64-bit plaintext
  2. 64-bit plaintext goes to Initial Permutation (IP)
    • In Initial Permutation there are rearranging of bits and gives an output of 64 bits of text.
  3. Now, the output of IP goes to Round 1 and there is a total of 16 Rounds.
  4. In Round 1 there are two things going, first 64-bit Initial Permutation and 48-bit Initial key.
  5. Then the output of round 1 goes to round 2, then the second round output goes to the third, and so on to round 16.
  6. Now, the output of round 16 goes to the Final Permutation
    • Final permutation- Inverse of initial permutation
  7. The output of the final permutation gives our 64-bits ciphertext

Logic Behind Initial Key

Steps in how the DES algorithm works
  1. We take 64 bits of key, which is known as the Initial key.
  2. Now, 64 bits’ initial key goes to PC1, which converts into 56 bits.
    • In PC1 there are only 56 bits of key but where 8 bits are gone, the 8 bits are eliminated or discarded.
  3. Now 56-bit PC1 is divided into two parts C0 and D0 which have 28-bits each respectively.
  4. Now, C0 and D0 go to LS (left shift) for shifting bits.
    • Bits shift works on the principle of even or odd rounds if rounds are 1, 2, 9, 16, then it shifts 1 bit if rounds are 3, 4, 5, 6, 7, 8, 10, 11, 12, 13, 14, 15, then it shifts 2 bits.
  5. After the left shift (LS), shifted bits go to C1 and D1
  6. Then C₁ and D₁ go to PC2.
    • But C₁ and D₁ is having 56-bits, and we want only 48-bits, so we wisely choose only 48-bits from 56-bits and leave the rest of them
  7. then 48-bits PC2 goes to round 1.

The whole shifting and the key process will be repeated till round 16. Every time the Input changes to like C₂—C3—- —C16 and D2—-D3— —D16

A detailed structure of Encryption Rounds

detailed structure of Encryption Rounds DES

The 64-bit IP was further divided into two parts, Left (L) And Right (R) in which both are 32 bits each.

  1. 32-bit right plaintext goes to expansion permutation for converting 32-bits to 48-bits.
  2. Now, 48 bits of expansion permutation and 48 bits of initial key get together for XOR Operation.
  3. Now, the output from the 48-bit XOR operation will be going to the s-box (substitution) and give an output of
    32-bits by eliminating 16-bits.
    • S-Box, we make a total of 8 s-box, all having 6-bit input and giving 4-bit output. So total output is
  4. Output from S-Box 32-bits goes to permutation and then carried out to the next one.
  5. Now, 32 bits from permutation and 32 bits from left plaintext get together for XOR operation.
  6. Then we got the right plaintext and left plaintext, but the left plaintext is carried from the right plaintext of 32-bits
    from the upper side.

Advantages and disadvantages of DES


  1. Fast and efficient
  2. Relatively simple to implement
  3. It is well-studied and widely analyzed


  1. The short key length makes it vulnerable to brute-force attacks
  2. Vulnerable to certain types of cryptanalytic attacks
  3. No longer considered secure for most applications

Breaking of DES

1A brute force attack is used to try all possible combinations of keys to decrypt the encrypted message.
2Each key is used to encrypt a known plaintext message and the resulting ciphertext is compared to the original ciphertext.
3If the resulting ciphertext matches the original ciphertext, the key used is the correct key and the message can be decrypted.
4If all possible keys have been tried and no match is found, the DES algorithm has been successfully broken

Uses of DES

  1. Encrypting sensitive data, such as financial or personal information.
  2. Securely transmitting data over the internet or other communication networks.
  3. Storing encrypted data in databases or other storage systems.
  4. Authenticating users or devices in a networked environment.
  5. Protecting against unauthorized access or tampering with data.

If you have any queries regarding the above content, or you want to update anything in the content, then contact us with your queries. You can directly post your question in the group.

Connect with us on these platforms


Connect with us