Question

a) Which parts of DES uses permutation method?

b) Which parts of DES uses the substitution method?

c) Explain why DES can be invertible (verify each round is   easy to inverse).  

d) Does DES require that the function f is invertible? Why?

Answer 1

ANS:-

Data Encryption Standard (DES) is a block cipher algorithm that takes plain text in blocks of 64 bits and converts them to ciphertext using keys of 48 bits. It is a symmetric key algorithm, which means that the same key is used for encrypting and decrypting ​data.

/*i'm attaching the DES diagram for better understanding*/

1) The initial permutation occurs before round 1,it transpose the input block as it moves bit 58 of the plaintext to bit possition1,bit 50 to bit possition 2 ,etc.

The initial permutation and the corresponding final permutation do not affect DES's security.

The key permutation:-

initially, the 64-bits DES key is redused to a 56-bit key by ignoring every eight bit.these bit can use as parity check to ensure tge key is erroe-free.

The Expansion Permutation:-

this operation expands the right half of the data,from 32 bits to 48 bits.

2) The S-Box Substitution:-

After the compressed key is XORed with the expanded block, the 48-bit result Moves to a substitution operation.

3)

The round function of DES is defined as;

For n from 1 to 16

Ln=Rn−1

Rn=Ln−1⊕f(Rn−1,Kn)

so the inverse is;

Rn−1=Ln

and

Ln−1=Rn⊕f(Rn−1,Kn)

No: it is not self inverse in the sense of rd(rd(x))=x; You can see that from the image; or below calculation.

At the end of the first Rd(L0,R0), you will have

L1=R0
R1=L0⊕f(R0,K1)
let see by putting back to rd

Lout=L0⊕f(R0,K1)
Rout=R0⊕f(R0,K1)⊕f(f(R0,K1),K1)
that is definitely different since L0≠Lout

But two rounds are if you reverse the keys.

4) No,it is not invertible. it is possible to find two 32-bits input that, when fed to the DES "mangler" function,both produce the same 32-bit output. this is the one of the feistel structure. the "mangler" function does not need to be invertible, and we still en dup with an invertible block clipher.