**Cryptography Tutorials - Herong's Tutorial Examples** - Version 5.36, by Dr. Herong Yang

DES Decryption Algorithm

This section describes DES decryption algorithm - identical to the encryption algorithm step by step in the same order, only with the subkeys applied in the reverse order.

The decryption algorithm of a block cipher should be identical to encryption algorithm step by step in reverse order. But for DES cipher, the encryption algorithm is so well designed, that the decryption algorithm is identical to the encryption algorithm step by step in the same order, only with the subkeys applied in the reverse order.

DES decryption algorithm:

Input: CC: 64 bits of cipher text k16, k15, ..., k1: 16 round keys IP: Initial permutation FP: Final permutation f(): Round function Output: TT: 64 bits of clear text Algorithm: CC' = IP(CC), applying initial permutation (LL0, RR0) = CC', dividing CC' into two 32-bit parts (LL1, RR1) = (RR0, LL0 ^ f(RR0, k16)) (LL2, RR2) = (RR1, LL1 ^ f(RR1, k15)) ...... TT' = (RR16, LL16), swapping the two parts TT = FP(TT'), applying final permutation

Here is how to approve the decryption algorithm:

Let: T: 64 bits of clear text C: 64 bits of cipher text encrypted from T CC: 64 bits of cipher text TT: 64 bits of clear text decrypted from CC If: CC = C Then: TT = T Prove: CC' = IP(CC) First step of decryption = IP(C) Assumption of CC = C = IP(FP(C')) Last step of encryption = C' IP is the inverse permutation of FP (LL0, RR0) = CC' Initializing step in decryption = C' CC' = C' = (R16, L16) Swapping step in encryption (LL1, RR1) = (RR0, LL0 ^ f(RR0, k16)) First round of decryption = (L16, R16 ^ f(L16, k16)) Previous result = (R15, (L15 ^ f(R15,k16)) ^ f(R15, k16)) (L16, R16) = (R15, L15 ^ f(R15, k16)) = (R15, L15) ^ reverse itself ...... (LL16, RR16) = (R0, L0) TT' = (RR16, LL16) Swapping in decryption = (L0, R0) Previous result = T' Initializing step in encryption TT = FP(TT') Last step in decryption = FP(T') Previous result = FP(IP(T)) First step in encryption = T FP is the inverse permutation of IP

Table of Contents

Introduction to AES (Advanced Encryption Standard)

►Introduction to DES Algorithm

DES (Data Encryption Standard) Cipher Algorithm

DES Key Schedule (Round Keys Generation) Algorithm

DES Algorithm - Illustrated with Java Programs

DES Algorithm Java Implementation

DES Algorithm - Java Implementation in JDK JCE

DES Encryption Operation Modes

PHP Implementation of DES - mcrypt

Blowfish - 8-Byte Block Cipher

Secret Key Generation and Management

Cipher - Secret Key Encryption and Decryption

RSA Implementation using java.math.BigInteger Class

Introduction of DSA (Digital Signature Algorithm)

Java Default Implementation of DSA

Private key and Public Key Pair Generation

PKCS#8/X.509 Private/Public Encoding Standards

Cipher - Public Key Encryption and Decryption

OpenSSL Introduction and Installation

OpenSSL Generating and Managing RSA Keys

OpenSSL Generating and Signing CSR

OpenSSL Validating Certificate Path

"keytool" and "keystore" from JDK

"OpenSSL" Signing CSR Generated by "keytool"

Migrating Keys from "keystore" to "OpenSSL" Key Files

Certificate X.509 Standard and DER/PEM Formats

Migrating Keys from "OpenSSL" Key Files to "keystore"

Using Certificates in IE (Internet Explorer)