This document provides an overview of the Triple Data Encryption Standard (3DES). It first briefly describes the original Data Encryption Standard (DES) and its key components including the initial and final permutations, substitution boxes, and key schedule. It then explains that 3DES applies DES three times with three different keys to strengthen security by effectively doubling the key size to 112 bits. Simulations are included showing encryption and decryption using 3DES with equal and different keys.

1. Trible Data Encryption Standard
(3DES)
Prepared by: Ahmed Mohamed
Ahmedmohamed.eece@gmail.com

2. Contents:
Introduction: a short history of DES
 Basic Terminology
 DES
 3DES
 Simulations

3. Introduction:
• The Data Encryption Standard (DES) is a symmetric-key block cipher published by
the National Institute of Standards and Technology (NIST).
• DES was developed as a standard for communications and data protection by an
IBM research team, in response to a public request for proposals by the NBS - the
National Bureau of Standards (which is now known as NIST).

4. Basic Terminology
• plaintext - the original message
• ciphertext - the coded message
• cipher - algorithm for transforming plaintext to ciphertext
• key - info used in cipher known only to sender/receiver
• encipher (encrypt) - converting plaintext to ciphertext
• decipher (decrypt) - recovering ciphertext from plaintext
• Permutation !

5. Permutation:
…….
……..
1 2 3 4 32
22 6 13 32 3
Input:
Output
0 0 1 0 1
1 0 1 1 1
1 bit

6. DES
Key: 64 bit quantity=8-bit parity+56-bit key
Every 8th bit is a parity bit.
64 bit input, 64 bit output.

7. DES STRUCTURE

8. Initial and Final Permutations

9. Continue

10. Example:
• Find the output of the initial permutation box when the input is given in
hexadecimal as:
• Solution:
Only bit 25 and bit 63 are 1s; the other bits are 0s. In the final permutation, bit 25
becomes bit 64 and bit 63 becomes bit 15. The result is

11. Initial Permutations VHDL Code

12. Note

13. DES top view
Permutation
Permutation
Swap
Round 1
Round 2
Round 16
Generate keys
Initial Permutation
48-bit K1
48-bit K2
48-bit K16
Swap 32-bit halves
Final Permutation
64-bit Output
48-bit K164-bit Input
56-bit Key
…...

14. DES
64 bit plaintext block
IP
L0 R0
L1=R0 R1=L0 f(R0,K1)
f
K1 (derived from
56 bit key)=48 bit
L16=R15
f
K16 (derived from
56 bit key)= 48 bit
IP-1
repeat 16 times…
64 bit ciphertext block
R16=L15 f(R15,K16)
32 32



15. Per-Round Key Generation
28 bits 28 bits
48 bits
Ki
One
round
Circular Left Shift Circular Left Shift
28 bits 28 bits
Permutation
with Compression,
PC-2
Initial Permutation of DES key ,PC-1
C i-1 D i-1
C i D i

16. Key generation:

17. • Parity-bit drop table:
Key-compression table:

18. Rounds
𝐿 𝑛 = 𝑅 𝑛−1

19. L0 R0
L1 R1
48 bit subkey
Generator
K48 = g(i,K56)
(The key for
each round is
deterministically
found from the
input 56 bit key).
Expansion Permutation
S-Box Substitution
P-Box Permutation
32
48
48
48
32
32
3232
32

20. Expansion P-box
• Since RI−1 is a 32-bit input and KI is a 48-bit key, we first need to expand RI−1 to
48 bits.

21. Continue
• Although the relationship between the input and output can be defined
mathematically, DES uses Table to define this P-box.

22. Expansion P-box VHDL Code

23. S-Boxes
• The S-boxes do the real mixing (confusion). DES uses 8 S-boxes, each with a 6-bit
input and a 4-bit output.

24. S-box rule
S-box
1
14 4 13 1 2 15 11 8
3 10 6 12 5 9 0 7
0 15 7 4 14 2 13 1
10 6 12 11 9 5 3 8
4 1 14 8 13 6 2 11
15 12 9 7 3 10 5 0
15 12 8 2 4 9 1 7
5 11 3 14 10 0 6 13
Pageselect

25. Example:
• The input to S-box 1 is 100011. What is the output?
• Answer:
• If we write the first and the sixth bits together, we get 11 in binary, which is 3 in
decimal. The remaining bits are 0001 in binary, which is 1 in decimal. We look for the
value in row 3, column 1, in Table (S-box 1).
• The result is 12 in decimal, which in binary is 1100. So the input 100011 yields the output
1100.

26. S-Box1 VHDL Code
And So on ..

27. Straight Permutation

28. Straight Permutation VHDL Code

29. Decryption
• The same algorithm as encryption.
• Reversed the order of key (Key16, Key15, … Key1).
• For example:
IP undoes IP-1 step of encryption.
1st round with SK16 undoes 16th encrypt round.

30. DES Security:
• Not too good:
• Trying all 256 possible keys
is not that hard these days.
• If you spend ~$25k you can build
a DES password cracker that can
will succeed in a few hours.
• The major criticism of DES regards its key length. Fortunately DES is not a group.
This means that we can use double or triple DES to increase the key size.

31. Triple DES - More Secure
True cryptographic strength of 3DES key is 2x56 bits = 112 bits
Ci  EK3
DK2
EK1
Pi   

32. Triple DES - More Secure
Triple DES with two keys
• Run DES three times
Why Encrypt then Decrypt then
Encrypt with 2 keys?!
• Backwards compatibility
• If K2 = K3, this is DES
E(D(E(P,K),K),K)= E(P,K)
C=E(D(E(P,K1),K2),K1)
P=D(E(D(C,K1),K2),K1)

33. Comparison

34. Simulation:K1=K2=K3: Encryption

35. Simulation:K1=K2=K3: Decryption

36. Simulation:K1=K3: Encryption

37. Simulation:K1=K3: Decryption

38. Simulation:K1≠K2≠K3: Encryption

39. Simulation:K1≠K2≠K3: Decryption

40. Any Questions ?
Thank You