Saturday 16 March 2013

Initial Permutation


Initial Permutation
The initial permutation and its inverse are defined by tables, as shown in Tables 3.2a and 3.2b, respectively. The tables are to be interpreted as follows. The input to a table consists of 64 bits numbered from 1 to 64. The 64 entries in the permutation table contain a permutation of the numbers from 1 to 64. Each entry in the permutation table indicates the position of a numbered input bit in the output, which also consists of 64 bits.
Table 3.2. Permutation Tables for DES
(This item is displayed on page 76 in the print version)
(a) Initial Permutation (IP)
58
50
42
34
26
18
10
2
60
52
44
36
28
20
12
4
62
54
46
38
30
22
14
6
64
56
48
40
32
24
16
8
57
49
41
33
25
17
9
1
59
51
43
35
27
19
11
3
61
53
45
37
29
21
13
5
63
55
47
39
31
23
15
7
(b) Inverse Initial Permutation (IP1)
40
8
48
16
56
24
64
32
39
7
47
15
55
23
63
31
38
6
46
14
54
22
62
30
37
5
45
13
53
21
61
29
36
4
44
12
52
20
60
28
35
3
43
11
51
19
59
27
34
2
42
10
50
18
58
26
33
1
41
9
49
17
57
25
(c) Expansion Permutation (E)
 
32
1
2
3
4
5
  
 
4
5
6
7
8
9
  
 
8
9
10
11
12
13
  
 
12
13
14
15
16
17
  
 
16
17
18
19
20
21
  
 
20
21
22
23
24
25
  
 
24
25
26
27
28
29
  
 
28
29
30
31
32
1
  
(d) Permutation Function (P)
16
7
20
21
29
12
28
17
1
15
23
26
5
18
31
10
2
8
24
14
32
27
3
9
19
13
30
6
22
11
4
25


To see that these two permutation functions are indeed the inverse of each other, consider the following 64-bit input M:
M1
M2
M3
M4
M5
M6
M7
M8
M9
M10
M11
M12
M13
M14
M15
M16
M17
M18
M19
M20
M21
M22
M23
M24
M25
M26
M27
M28
M29
M30
M31
M32
M33
M34
M35
M36
M37
M38
M39
M40
M41
M42
M43
M44
M45
M46
M47
M48
M49
M50
M51
M52
M53
M54
M55
M56
M57
M58
M59
M60
M61
M62
M63
M64


where Mi is a binary digit. Then the permutation X = IP(M) is as follows:
M58
M50
M42
M34
M26
M18
M10
M2
M60
M52
M44
M36
M28
M20
M12
M4
M62
M54
M46
M38
M30
M22
M14
M6
M64
M56
M48
M40
M32
M24
M16
M8
M57
M49
M41
M33
M25
M17
M9
M1
M59
M51
M43
M35
M27
M19
M11
M3
M61
M53
M45
M37
M29
M21
M13
M5
M63
M55
M47
M39
M31
M23
M15
M7


If we then take the inverse permutation Y = IP-1(X) = IP-1(IP(M)), it can be seen that the original ordering of the bits is restored.
Details of Single Round
Figure 3.5 shows the internal structure of a single round. Again, begin by focusing on the left-hand side of the diagram. The left and right halves of each 64-bit intermediate value are treated as separate 32-bit quantities, labeled L (left) and R (right).
The round key Ki is 48 bits. The R input is 32 bits. This R input is first expanded to 48 bits by using a table that defines a permutation plus an expansion that involves duplication of 16 of the R bits (Table 3.2c). The resulting 48 bits are XORed with Ki. This 48-bit result passes through a substitution function that produces a 32-bit output, which is permuted as defined by Table 3.2d.
The role of the S-boxes in the function F is illustrated in Figure 3.6. The substitution consists of a set of eight S-boxes, each of which accepts 6 bits as input and produces 4 bits as output. These transformations are defined in Table 3.3, which is interpreted as follows: The first and last bits of the input to box Si form a 2-bit binary number to select one of four substitutions defined by the four rows in the table for Si. The middle four bits select one of the sixteen columns. The decimal value in the cell selected by the row and column is then converted to its 4-bit representation to produce the output. For example, in S1 for input 011001, the row is 01 (row 1) and the column is 1100 (column 12). The value in row 1, column 12 is 9, so the output is 1001



at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)
  • Finding the Greatest Common Divisor
    Finding the Greatest Common Divisor The Euclidean algorithm is based on the following theorem: For any nonnegative integer a and any...
  • Traffic Confidentiality
    7.2. Traffic Confidentiality We mentioned in Chapter 1 that, in some cases, users are concerned about security from traffic analysis....