The Data Encryption Standard (of 1977)
Lecture, Dr. Lawlor
is an old cipher from the 1970's, but it's got the same basic
structure as modern more secure ciphers.
Here's the source code, this version from PolarSSL/library/des.c:
- DES encryption starts with a block of 64 bits of
- A series of 16 rounds mix the plaintext bits with each
other and the key, using a combination of bit shifting, XOR, and
several very small (6 bit input, 4 bit output) S-boxes.
* DES-ECB block encryption/decryption
int des_crypt_ecb( des_context *ctx,
const unsigned char input, // data size: 64 bits
unsigned char output )
uint32_t X, Y, T, *SK;
SK = ctx->sk;
GET_UINT32_BE( X, input, 0 ); // this
implementation converts to int (from big-endian)
GET_UINT32_BE( Y, input, 4 );
DES_IP( X, Y ); // "initial permutation"
for( i = 0; i < 8; i++ ) // 8 forward-reverse
rounds (16 rounds total)
DES_ROUND( Y, X ); //
xor's Y based on table[X]
DES_ROUND( X, Y ); //
xor's X based on table[Y]
DES_FP( Y, X ); // "final permutation"
PUT_UINT32_BE( Y, output, 0 );
PUT_UINT32_BE( X, output, 4 );
return( 0 );
The biggest limitation of DES is the very short key--64 bits, but 8
of those are just used for parity checking. A 56-bit key space
is within the realm of brute force: FPGA implementations today can
check hundreds of billions of keys per second, so crack DES in about
a day. ASIC implementations are even faster.