Tools

Experiment 3 - DES Decryption

Theory

The DES decryption process involves reversing the steps of the encryption process. Let's break down the key components and steps involved:

  1. Initial Permutation (IP) The process begins with the 'Initial Permutation,' where the bits of the ciphertext are rearranged. This step is the reverse of the 'Final Permutation' in encryption, serving to set the stage for the subsequent rounds.

  2. Key Schedule The key schedule is precomputed and involves generating the 16 subkeys required for each round of decryption. These subkeys are derived from the original encryption key using the same key generation algorithm used in encryption.

  3. 16 Rounds of Decryption Each round of decryption involves the following steps:

a. Expansion Permutation The 'Expansion' permutation is applied to the right half of the data to expand it, similar to the encryption process. This expanded half is then XORed with the subkey for the current round.

b. S-Box Substitution The result is divided into 6-bit blocks, each of which is substituted using the S-boxes. The S-box substitution introduces non-linearity into the process, enhancing security.

c. Permutation After substitution, a 'Permutation' is applied to rearrange the bits. This step is the inverse of the 'Straight Permutation' used in encryption.

d. XOR with Left Half The result of the permutation is XORed with the left half of the data.

e. Swap Halves The left and right halves are swapped, preparing for the next round.

  1. Final Permutation After completing the 16 rounds, a 'Final Permutation' is applied to the combined data (left and right halves). This permutation is the inverse of the 'Initial Permutation' and produces the final decrypted output.

Theoretical Note:

• DES decryption is the reverse operation of DES encryption but uses the same algorithmic structure due to its Feistel network design. In DES, decryption is performed by applying the same 16-round Feistel process but using the subkeys in reverse order. The ciphertext is first passed through the Initial Permutation (IP) and split into left and right 32-bit halves. During each round of decryption, the right half is fed into the Feistel function, combined with the corresponding subkey, and XORed with the left half to retrieve the previous round’s values. The Feistel structure ensures that reversing the subkey order automatically reverses the encryption process without requiring a separate inverse algorithm. • After completing all 16 rounds with subkeys K16 to K1, the halves are swapped, and a Final Permutation (FP) is applied to obtain the original plaintext. This property of DES—same structure for encryption and decryption with only key order reversed—makes it efficient and easy to implement in hardware and software. DES decryption thus systematically undoes the substitutions, permutations, and mixing performed during encryption, restoring the original 64-bit data block.

Conclusion The DES decryption process, like encryption, involves a series of carefully orchestrated steps. Understanding the intricacies of the 'Expansion,' 'S-Box' substitution, and permutation operations is crucial for grasping the inner workings of DES decryption.

It's worth noting that while DES was widely used, its 56-bit key length is now considered insecure against modern computing capabilities. Advanced encryption standards like AES with longer key lengths are recommended for secure communication.