mahoney@cs des$ mahoney@cs des$ ./des.pl DES encryption key = 133457799bbcdff1 = 0001001100110100010101110111100110011011101111001101111111110001 msg = 0123456789abcdef = 0000000100100011010001010110011110001001101010111100110111101111 initial permutation = ( 57 49 41 33 25 17 09 01 59 51 43 35 27 19 11 03 61 53 45 37 29 21 13 05 63 55 47 39 31 23 15 07 56 48 40 32 24 16 08 00 58 50 42 34 26 18 10 02 60 52 44 36 28 20 12 04 62 54 46 38 30 22 14 06 ) has 64 bits. msg = cc00ccfff0aaf0aa = 1100110000000000110011001111111111110000101010101111000010101010 left[0] = cc00ccff = 1100_1100_0000_0000_1100_1100_1111_1111 (32 bits) right[0] = f0aaf0aa = 1111_0000_1010_1010_1111_0000_1010_1010 (32 bits) PC-1 key permutation = ( 56 48 40 32 24 16 08 00 57 49 41 33 25 17 09 01 58 50 42 34 26 18 10 02 59 51 43 35 62 54 46 38 30 22 14 06 61 53 45 37 29 21 13 05 60 52 44 36 28 20 12 04 27 19 11 03 ) has 56 bits. key_pc1 = f0ccaaf556678f = 11110000110011001010101011110101010101100110011110001111 size = 56 C left key = f0ccaaf = 1111_0000_1100_1100_1010_1010_1111 (28) bits D right key = 556678f = 0101_0101_0110_0110_0111_1000_1111 (28) bits left_shifts(0..16) = ( 0 1 1 2 2 2 2 2 2 1 2 2 2 2 2 2 1 ) total_shifts(0..16) = ( 0 1 2 4 6 8 10 12 14 15 17 19 21 23 25 27 28 ) sample left shifted C(n), D(n) are C(4) = 0011_0011_0010_1010_1011_1111_1100 D(4) = 0101_1001_1001_1110_0011_1101_0101 PC-2 key permutation = ( 13 16 10 23 00 04 02 27 14 05 20 09 22 18 11 03 25 07 15 06 26 19 12 01 40 51 30 36 46 54 29 39 50 44 32 47 43 48 38 55 33 52 45 41 49 35 28 31 ) has 48 bits. sample Kn is K(4) = 0111_0010_1010_1101_1101_0110_1101_1011_0011_0101_0001_1101 (48 bits) expansion permutation = ( 31 00 01 02 03 04 03 04 05 06 07 08 07 08 09 10 11 12 11 12 13 14 15 16 15 16 17 18 19 20 19 20 21 22 23 24 23 24 25 26 27 28 27 28 29 30 31 00 ) has 48 bits. S boxes are S0 = [ [14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7 ], [ 0 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8 ], [ 4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0 ], [15 12 8 2 4 9 1 7 5 11 3 14 10 0 6 13 ], ] S1 = [ [15 1 8 14 6 11 3 4 9 7 2 13 12 0 5 10 ], [ 3 13 4 7 15 2 8 14 12 0 1 10 6 9 11 5 ], [ 0 14 7 11 10 4 13 1 5 8 12 6 9 3 2 15 ], [13 8 10 1 3 15 4 2 11 6 7 12 0 5 14 9 ], ] S2 = [ [10 0 9 14 6 3 15 5 1 13 12 7 11 4 2 8 ], [13 7 0 9 3 4 6 10 2 8 5 14 12 11 15 1 ], [13 6 4 9 8 15 3 0 11 1 2 12 5 10 14 7 ], [ 1 10 13 0 6 9 8 7 4 15 14 3 11 5 2 12 ], ] S3 = [ [ 7 13 14 3 0 6 9 10 1 2 8 5 11 12 4 15 ], [13 8 11 5 6 15 0 3 4 7 2 12 1 10 14 9 ], [10 6 9 0 12 11 7 13 15 1 3 14 5 2 8 4 ], [ 3 15 0 6 10 1 13 8 9 4 5 11 12 7 2 14 ], ] S4 = [ [ 2 12 4 1 7 10 11 6 8 5 3 15 13 0 14 9 ], [14 11 2 12 4 7 13 1 5 0 15 10 3 9 8 6 ], [ 4 2 1 11 10 13 7 8 15 9 12 5 6 3 0 14 ], [11 8 12 7 1 14 2 13 6 15 0 9 10 4 5 3 ], ] S5 = [ [12 1 10 15 9 2 6 8 0 13 3 4 14 7 5 11 ], [10 15 4 2 7 12 9 5 6 1 13 14 0 11 3 8 ], [ 9 14 15 5 2 8 12 3 7 0 4 10 1 13 11 6 ], [ 4 3 2 12 9 5 15 10 11 14 1 7 6 0 8 13 ], ] S6 = [ [ 4 11 2 14 15 0 8 13 3 12 9 7 5 10 6 1 ], [13 0 11 7 4 9 1 10 14 3 5 12 2 15 8 6 ], [ 1 4 11 13 12 3 7 14 10 15 6 8 0 5 9 2 ], [ 6 11 13 8 1 4 10 7 9 5 0 15 14 2 3 12 ], ] S7 = [ [13 2 8 4 6 15 11 1 10 9 3 14 5 0 12 7 ], [ 1 15 13 8 10 3 7 4 12 5 6 11 0 14 9 2 ], [ 7 11 4 1 9 12 14 2 0 6 10 13 15 3 5 8 ], [ 2 1 14 7 4 10 8 13 15 12 9 0 3 5 6 11 ], ] f permutation = ( 15 06 19 20 28 11 27 16 00 14 22 25 04 17 30 09 01 07 23 13 31 26 02 08 18 12 29 05 21 10 03 24 ) has 32 bits. IP inverse permutation = ( 39 07 47 15 55 23 63 31 38 06 46 14 54 22 62 30 37 05 45 13 53 21 61 29 36 04 44 12 52 20 60 28 35 03 43 11 51 19 59 27 34 02 42 10 50 18 58 26 33 01 41 09 49 17 57 25 32 00 40 08 48 16 56 24 ) has 64 bits. -- round 1 -- L[1] = 1111_0000_1010_1010_1111_0000_1010_1010 K[1] = 0001_1011_0000_0010_1110_1111_1111_1100_0111_0000_0111_0010 E(R[1]) = 0111_1010_0001_0101_0101_0101_0111_1010_0001_0101_0101_0101 K[1]+E(R[1]) = 0110_0001_0001_0111_1011_1010_1000_0110_0110_0101_0010_0111 B0 = 011000; S0(B0) = 0101 B1 = 010001; S1(B1) = 1100 B2 = 011110; S2(B2) = 1000 B3 = 111010; S3(B3) = 0010 B4 = 100001; S4(B4) = 1011 B5 = 100110; S5(B5) = 0101 B6 = 010100; S6(B6) = 1001 B7 = 100111; S7(B7) = 0111 f = 0101_1100_1000_0010_1011_0101_1001_0111 P(f) = 0010_0011_0100_1010_1010_1001_1011_1011 R[1] = 1110_1111_0100_1010_0110_0101_0100_0100 -- round 2 -- L[2] = 1110_1111_0100_1010_0110_0101_0100_0100 K[2] = 0111_1001_1010_1110_1101_1001_1101_1011_1100_1001_1110_0101 E(R[2]) = 0111_0101_1110_1010_0101_0100_0011_0000_1010_1010_0000_1001 K[2]+E(R[2]) = 0000_1100_0100_0100_1000_1101_1110_1011_0110_0011_1110_1100 B0 = 000011; S0(B0) = 1111 B1 = 000100; S1(B1) = 1000 B2 = 010010; S2(B2) = 1101 B3 = 001101; S3(B3) = 0000 B4 = 111010; S4(B4) = 0011 B5 = 110110; S5(B5) = 1010 B6 = 001111; S6(B6) = 1010 B7 = 101100; S7(B7) = 1110 f = 1111_1000_1101_0000_0011_1010_1010_1110 P(f) = 0011_1100_1010_1011_1000_0111_1010_0011 R[2] = 1100_1100_0000_0001_0111_0111_0000_1001 -- round 3 -- L[3] = 1100_1100_0000_0001_0111_0111_0000_1001 K[3] = 0101_0101_1111_1100_1000_1010_0100_0010_1100_1111_1001_1001 E(R[3]) = 1110_0101_1000_0000_0000_0010_1011_1010_1110_1000_0101_0011 K[3]+E(R[3]) = 1011_0000_0111_1100_1000_1000_1111_1000_0010_0111_1100_1010 B0 = 101100; S0(B0) = 0010 B1 = 000111; S1(B1) = 0111 B2 = 110010; S2(B2) = 0001 B3 = 001000; S3(B3) = 0000 B4 = 111110; S4(B4) = 1110 B5 = 000010; S5(B5) = 0001 B6 = 011111; S6(B6) = 0110 B7 = 001010; S7(B7) = 1111 f = 0010_0111_0001_0000_1110_0001_0110_1111 P(f) = 0100_1101_0001_0110_0110_1110_1011_0000 R[3] = 1010_0010_0101_1100_0000_1011_1111_0100 -- round 4 -- L[4] = 1010_0010_0101_1100_0000_1011_1111_0100 K[4] = 0111_0010_1010_1101_1101_0110_1101_1011_0011_0101_0001_1101 E(R[4]) = 0101_0000_0100_0010_1111_1000_0000_0101_0111_1111_1010_1001 K[4]+E(R[4]) = 0010_0010_1110_1111_0010_1110_1101_1110_0100_1010_1011_0100 B0 = 001000; S0(B0) = 0010 B1 = 101110; S1(B1) = 0001 B2 = 111100; S2(B2) = 1110 B3 = 101110; S3(B3) = 1101 B4 = 110111; S4(B4) = 1001 B5 = 100100; S5(B5) = 1111 B6 = 101010; S6(B6) = 0011 B7 = 110100; S7(B7) = 1010 f = 0010_0001_1110_1101_1001_1111_0011_1010 P(f) = 1011_1011_0010_0011_0111_0111_0100_1100 R[4] = 0111_0111_0010_0010_0000_0000_0100_0101 -- round 5 -- L[5] = 0111_0111_0010_0010_0000_0000_0100_0101 K[5] = 0111_1100_1110_1100_0000_0111_1110_1011_0101_0011_1010_1000 E(R[5]) = 1011_1010_1110_1001_0000_0100_0000_0000_0000_0010_0000_1010 K[5]+E(R[5]) = 1100_0110_0000_0101_0000_0011_1110_1011_0101_0001_1010_0010 B0 = 110001; S0(B0) = 0101 B1 = 100000; S1(B1) = 0000 B2 = 010100; S2(B2) = 1100 B3 = 000011; S3(B3) = 1000 B4 = 111010; S4(B4) = 0011 B5 = 110101; S5(B5) = 0001 B6 = 000110; S6(B6) = 1110 B7 = 100010; S7(B7) = 1011 f = 0101_0000_1100_1000_0011_0001_1110_1011 P(f) = 0010_1000_0001_0011_1010_1101_1100_0011 R[5] = 1000_1010_0100_1111_1010_0110_0011_0111 -- round 6 -- L[6] = 1000_1010_0100_1111_1010_0110_0011_0111 K[6] = 0110_0011_1010_0101_0011_1110_0101_0000_0111_1011_0010_1111 E(R[6]) = 1100_0101_0100_0010_0101_1111_1101_0000_1100_0001_1010_1111 K[6]+E(R[6]) = 1010_0110_1110_0111_0110_0001_1000_0000_1011_1010_1000_0000 B0 = 101001; S0(B0) = 0100 B1 = 101110; S1(B1) = 0001 B2 = 011101; S2(B2) = 1111 B3 = 100001; S3(B3) = 0011 B4 = 100000; S4(B4) = 0100 B5 = 001011; S5(B5) = 1100 B6 = 101010; S6(B6) = 0011 B7 = 000000; S7(B7) = 1101 f = 0100_0001_1111_0011_0100_1100_0011_1101 P(f) = 1001_1110_0100_0101_1100_1101_0010_1100 R[6] = 1110_1001_0110_0111_1100_1101_0110_1001 -- round 7 -- L[7] = 1110_1001_0110_0111_1100_1101_0110_1001 K[7] = 1110_1100_1000_0100_1011_0111_1111_0110_0001_1000_1011_1100 E(R[7]) = 1111_0101_0010_1011_0000_1111_1110_0101_1010_1011_0101_0011 K[7]+E(R[7]) = 0001_1001_1010_1111_1011_1000_0001_0011_1011_0011_1110_1111 B0 = 000110; S0(B0) = 0001 B1 = 011010; S1(B1) = 0000 B2 = 111110; S2(B2) = 0111 B3 = 111000; S3(B3) = 0101 B4 = 000100; S4(B4) = 0100 B5 = 111011; S5(B5) = 0000 B6 = 001111; S6(B6) = 1010 B7 = 101111; S7(B7) = 1101 f = 0001_0000_0111_0101_0100_0000_1010_1101 P(f) = 1000_1100_0000_0101_0001_1100_0010_0111 R[7] = 0000_0110_0100_1010_1011_1010_0001_0000 -- round 8 -- L[8] = 0000_0110_0100_1010_1011_1010_0001_0000 K[8] = 1111_0111_1000_1010_0011_1010_1100_0001_0011_1011_1111_1011 E(R[8]) = 0000_0000_1100_0010_0101_0101_0101_1111_0100_0000_1010_0000 K[8]+E(R[8]) = 1111_0111_0100_1000_0110_1111_1001_1110_0111_1011_0101_1011 B0 = 111101; S0(B0) = 0110 B1 = 110100; S1(B1) = 1100 B2 = 100001; S2(B2) = 0001 B3 = 101111; S3(B3) = 1000 B4 = 100111; S4(B4) = 0111 B5 = 100111; S5(B5) = 1100 B6 = 101101; S6(B6) = 1010 B7 = 011011; S7(B7) = 1110 f = 0110_1100_0001_1000_0111_1100_1010_1110 P(f) = 0011_1100_0000_1110_1000_0110_1111_1001 R[8] = 1101_0101_0110_1001_0100_1011_1001_0000 -- round 9 -- L[9] = 1101_0101_0110_1001_0100_1011_1001_0000 K[9] = 1110_0000_1101_1011_1110_1011_1110_1101_1110_0111_1000_0001 E(R[9]) = 0110_1010_1010_1011_0101_0010_1010_0101_0111_1100_1010_0001 K[9]+E(R[9]) = 1000_1010_0111_0000_1011_1001_0100_1000_1001_1011_0010_0000 B0 = 100010; S0(B0) = 0001 B1 = 100111; S1(B1) = 0001 B2 = 000010; S2(B2) = 0000 B3 = 111001; S3(B3) = 1100 B4 = 010010; S4(B4) = 0101 B5 = 001001; S5(B5) = 0111 B6 = 101100; S6(B6) = 0111 B7 = 100000; S7(B7) = 0111 f = 0001_0001_0000_1100_0101_0111_0111_0111 P(f) = 0010_0010_0011_0110_0111_1100_0110_1010 R[9] = 0010_0100_0111_1100_1100_0110_0111_1010 -- round 10 -- L[10] = 0010_0100_0111_1100_1100_0110_0111_1010 K[10] = 1011_0001_1111_0011_0100_0111_1011_1010_0100_0110_0100_1111 E(R[10]) = 0001_0000_1000_0011_1111_1001_0110_0000_1100_0011_1111_0100 K[10]+E(R[10]) = 1010_0001_0111_0000_1011_1110_1101_1010_1000_0101_1011_1011 B0 = 101000; S0(B0) = 1101 B1 = 010111; S1(B1) = 1010 B2 = 000010; S2(B2) = 0000 B3 = 111110; S3(B3) = 0100 B4 = 110110; S4(B4) = 0101 B5 = 101000; S5(B5) = 0010 B6 = 010110; S6(B6) = 0111 B7 = 111011; S7(B7) = 0101 f = 1101_1010_0000_0100_0101_0010_0111_0101 P(f) = 0110_0010_1011_1100_1001_1100_0010_0010 R[10] = 1011_0111_1101_0101_1101_0111_1011_0010 -- round 11 -- L[11] = 1011_0111_1101_0101_1101_0111_1011_0010 K[11] = 0010_0001_0101_1111_1101_0011_1101_1110_1101_0011_1000_0110 E(R[11]) = 0101_1010_1111_1110_1010_1011_1110_1010_1111_1101_1010_0101 K[11]+E(R[11]) = 0111_1011_1010_0001_0111_1000_0011_0100_0010_1110_0010_0011 B0 = 011110; S0(B0) = 0111 B1 = 111010; S1(B1) = 0011 B2 = 000101; S2(B2) = 0000 B3 = 111000; S3(B3) = 0101 B4 = 001101; S4(B4) = 1101 B5 = 000010; S5(B5) = 0001 B6 = 111000; S6(B6) = 0000 B7 = 100011; S7(B7) = 0001 f = 0111_0011_0000_0101_1101_0001_0000_0001 P(f) = 1110_0001_0000_0100_1111_1010_0000_0010 R[11] = 1100_0101_0111_1000_0011_1100_0111_1000 -- round 12 -- L[12] = 1100_0101_0111_1000_0011_1100_0111_1000 K[12] = 0111_0101_0111_0001_1111_0101_1001_0100_0110_0111_1110_1001 E(R[12]) = 0110_0000_1010_1011_1111_0000_0001_1111_1000_0011_1111_0001 K[12]+E(R[12]) = 0001_0101_1101_1010_0000_0101_1000_1011_1110_0100_0001_1000 B0 = 000101; S0(B0) = 0111 B1 = 011101; S1(B1) = 1011 B2 = 101000; S2(B2) = 1000 B3 = 000101; S3(B3) = 1011 B4 = 100010; S4(B4) = 0010 B5 = 111110; S5(B5) = 0110 B6 = 010000; S6(B6) = 0011 B7 = 011000; S7(B7) = 0101 f = 0111_1011_1000_1011_0010_0110_0011_0101 P(f) = 1100_0010_0110_1000_1100_1111_1110_1010 R[12] = 0111_0101_1011_1101_0001_1000_0101_1000 -- round 13 -- L[13] = 0111_0101_1011_1101_0001_1000_0101_1000 K[13] = 1001_0111_1100_0101_1101_0001_1111_1010_1011_1010_0100_0001 E(R[13]) = 0011_1010_1011_1101_1111_1010_1000_1111_0000_0010_1111_0000 K[13]+E(R[13]) = 1010_1101_0111_1000_0010_1011_0111_0101_1011_1000_1011_0001 B0 = 101011; S0(B0) = 1001 B1 = 010111; S1(B1) = 1010 B2 = 100000; S2(B2) = 1101 B3 = 101011; S3(B3) = 0001 B4 = 011101; S4(B4) = 1000 B5 = 011011; S5(B5) = 1011 B6 = 100010; S6(B6) = 0100 B7 = 110001; S7(B7) = 1111 f = 1001_1010_1101_0001_1000_1011_0100_1111 P(f) = 1101_1101_1011_1011_0010_1001_0010_0010 R[13] = 0001_1000_1100_0011_0001_0101_0101_1010 -- round 14 -- L[14] = 0001_1000_1100_0011_0001_0101_0101_1010 K[14] = 0101_1111_0100_0011_1011_0111_1111_0010_1110_0111_0011_1010 E(R[14]) = 0000_1111_0001_0110_0000_0110_1000_1010_1010_1010_1111_0100 K[14]+E(R[14]) = 0101_0000_0101_0101_1011_0001_0111_1000_0100_1101_1100_1110 B0 = 010100; S0(B0) = 0110 B1 = 000101; S1(B1) = 0100 B2 = 010110; S2(B2) = 0111 B3 = 110001; S3(B3) = 1001 B4 = 011110; S4(B4) = 1001 B5 = 000100; S5(B5) = 1010 B6 = 110111; S6(B6) = 1111 B7 = 001110; S7(B7) = 0001 f = 0110_0100_0111_1001_1001_1010_1111_0001 P(f) = 1011_0111_0011_0001_1000_1110_0101_0101 R[14] = 1100_0010_1000_1100_1001_0110_0000_1101 -- round 15 -- L[15] = 1100_0010_1000_1100_1001_0110_0000_1101 K[15] = 1011_1111_1001_0001_1000_1101_0011_1101_0011_1111_0000_1010 E(R[15]) = 1110_0000_0101_0100_0101_1001_0100_1010_1100_0000_0101_1011 K[15]+E(R[15]) = 0101_1111_1100_0101_1101_0100_0111_0111_1111_1111_0101_0001 B0 = 010111; S0(B0) = 1011 B1 = 111100; S1(B1) = 0010 B2 = 010111; S2(B2) = 1110 B3 = 010100; S3(B3) = 1000 B4 = 011101; S4(B4) = 1000 B5 = 111111; S5(B5) = 1101 B6 = 111101; S6(B6) = 0011 B7 = 010001; S7(B7) = 1100 f = 1011_0010_1110_1000_1000_1101_0011_1100 P(f) = 0101_1011_1000_0001_0010_0111_0110_1110 R[15] = 0100_0011_0100_0010_0011_0010_0011_0100 -- round 16 -- L[16] = 0100_0011_0100_0010_0011_0010_0011_0100 K[16] = 1100_1011_0011_1101_1000_1011_0000_1110_0001_0111_1111_0101 E(R[16]) = 0010_0000_0110_1010_0000_0100_0001_1010_0100_0001_1010_1000 K[16]+E(R[16]) = 1110_1011_0101_0111_1000_1111_0001_0100_0101_0110_0101_1101 B0 = 111010; S0(B0) = 1010 B1 = 110101; S1(B1) = 0111 B2 = 011110; S2(B2) = 1000 B3 = 001111; S3(B3) = 0011 B4 = 000101; S4(B4) = 0010 B5 = 000101; S5(B5) = 0100 B6 = 011001; S6(B6) = 0010 B7 = 011101; S7(B7) = 1001 f = 1010_0111_1000_0011_0010_0100_0010_1001 P(f) = 1100_1000_1100_0000_0100_1111_1001_1000 R[16] = 0000_1010_0100_1100_1101_1001_1001_0101 left[16] = 0100_0011_0100_0010_0011_0010_0011_0100 right[16] = 0000_1010_0100_1100_1101_1001_1001_0101 R[16]L[16] = 0a4cd99543423234 = 0000101001001100110110011001010101000011010000100011001000110100 des(msg) = 85e813540f0ab405 = 1000010111101000000100110101010000001111000010101011010000000101 So there. mahoney@cs des$