FIP46-2 (Система криптозащиты в стандарте DES. Система взаимодействия периферийных устройств), страница 5
Описание файла
Текстовый-файл из архива "Система криптозащиты в стандарте DES. Система взаимодействия периферийных устройств", который расположен в категории "". Всё это находится в предмете "информатика" из , которые можно найти в файловом архиве . Не смотря на прямую связь этого архива с , его также можно найти и в других разделах. Архив можно найти в разделе "рефераты, доклады и презентации", в предмете "информатика, программирование" в общих файлах.
Просмотр 5 страницы текстового-файла онлайн
8(B8))
Thus K(+)E(R) is first divided into the 8 blocks as indicated in (6). Then
each Bi is taken as an input to Si and the 8 blocks (S1(B1)S2(B2)...S8(B8)
of 4 bits each are consolidated into a single block of 32 bits which forms
the input to P. The output (7) is then the output of the function f for the
inputs R and K.
APPENDIX
PRIMITIVE FUNCTIONS FOR THE DATA ENCRYPTION ALGORITHM
The choice of the primitive functions KS, S1,...,S8 and P is critical to the
strength of an encipherment resulting from the algorithm. Specified below is
the recommended set of functions, describing S1,...,S8 and P in the same way
they are described in the algorithm. For the interpretation of the tables
describing these functions, see the discussion in the body of the algorithm.
The primitive functions S1,...,S8 are:
S1
14 4 13 1 2 15 11 8 3 10 6 12 5 9 0 7
O 15 7 4 14 2 13 1 10 6 12 11 9 5 3 8
4 1 14 8 13 6 2 11 15 12 9 7 3 10 5 0
15 12 8 2 4 9 1 7 5 11 3 14 10 O 6 13
S2
15 1 8 14 6 11 3 4 9 7 2 13 12 O 5 10
3 13 4 7 15 2 8 14 12 0 1 10 6 9 11 5
0 14 7 11 10 4 13 1 5 8 12 6 9 3 2 15
13 8 10 1 3 15 4 2 11 6 7 12 0 5 14 9
S3
10 0 9 14 6 3 15 5 1 13 12 7 11 4 2 8
13 7 O 9 3 4 6 10 2 8 5 14 12 11 15 1
13 6 4 9 8 15 3 0 11 1 2 12 5 10 14 7
1 10 13 0 6 9 8 7 4 15 14 3 11 5 2 12
S4
7 13 14 3 0 6 9 10 1 2 8 5 11 12 4 15
13 8 11 5 6 15 O 3 4 7 2 12 1 10 14 9
10 6 9 0 12 11 7 13 15 1 3 14 5 2 8 4
3 15 O 6 10 1 13 8 9 4 5 11 12 7 2 14
S5
2 12 4 1 7 10 11 6 8 5 3 15 13 O 14 9
14 11 2 12 4 7 13 1 5 0 15 10 3 9 8 6
4 2 1 11 10 13 7 8 15 9 12 5 6 3 O 14
11 8 12 7 1 14 2 13 6 15 O 9 10 4 5 3
S6
12 1 10 15 9 2 6 8 O 13 3 4 14 7 5 11
10 15 4 2 7 12 9 5 6 1 13 14 O 11 3 8
9 14 15 5 2 8 12 3 7 0 4 10 1 13 11 6
4 3 2 12 9 5 15 10 11 14 1 7 6 0 8 13
S7
4 11 2 14 15 0 8 13 3 12 9 7 5 10 6 1
13 0 11 7 4 9 1 10 14 3 5 12 2 15 8 6
1 4 11 13 12 3 7 14 10 15 6 8 0 5 9 2
6 11 13 8 1 4 10 7 9 5 0 15 14 2 3 12
S8
13 2 8 4 6 15 11 1 10 9 3 14 5 0 12 7
1 15 13 8 10 3 7 4 12 5 6 11 0 14 9 2
7 11 4 1 9 12 14 2 0 6 10 13 15 3 5 8
2 1 14 7 4 10 8 13 15 12 9 0 3 5 6 11
The primitive function P is:
16 7 20 21
29 12 28 17
1 15 23 26
5 18 31 10
2 8 24 14
32 27 3 9
19 13 30 6
22 11 4 25
Recall that Kn, for 1<= n <= 16, is the block of 48 bits in (2) of the
algorithm. Hence, to describe KS, it is sufficient to describe the
calculation of Kn from KEY for n = 1, 2,..., 16. That calculation is
illustrated in Figure 3. To complete the definition of KS it is therefore
sufficient to describe the two permuted choices, as well as the schedule of
left shifts. One bit in each 8-bit byte of the KEY may be utilized for error
detection in key generation, distribution and storage. Bits 8, 16,..., 64
are for use in assuring that each byte is of odd parity.
Permuted choice 1 is determined by the following table:
PC-1
57 49 41 33 25 17 9
1 58 50 42 34 26 18
10 2 59 51 43 35 27
19 11 3 60 52 44 36
63 55 47 39 31 23 15
7 62 54 46 38 30 22
14 6 61 53 45 37 29
21 13 5 28 20 12 4
The table has been divided into two parts, with the first part determining
how the bits of C() are chosen, and the second part determining how the bits
of D() are chosen. The bits of KEY are numbered 1 through 64. The bits of
C() are respectively bits 57, 49, 41,..., 44 and 36 of KEY, with the bits of
D() being bits 63, 55, 47,..., 12 and 4 of KEY.
With C() and D() defined, we now define how the blocks Cn and Dn are
obtained from the blocks Cn-1 and Dn-1, respectively, for n = 1, 2,..., 16.
That is accomplished by adhering to the following schedule of left shifts of
the individual blocks:
Figure 3. Key schedule calculation.
Iteration Number of
Number Left Shifts
1 1
2 1
3 2
4 2
5 2
6 2
7 2
8 2
9 1
10 2
11 2
12 2
13 2
14 2
15 2
16 1
For example, C3 and D3 are obtained from C2 and D2, respectively, by two
left shifts, and C16 and D16 are obtained from C15 and D15, respectively, by
one left shift. In all cases, by a single left shift is meant a rotation of
the bits one place to the left, so that after one left shift the bits in the
28 positions are the bits that were previously in positions 2, 3,..., 28, 1.
Permuted choice 2 is determined by the following table:
PC-2
14 17 11 24 1 5
3 28 15 6 21 10
23 19 12 4 26 8
16 7 27 20 13 2
41 52 31 37 47 55
30 40 51 45 33 48
44 49 39 56 34 53
46 42 50 36 29 32
Therefore, the first bit of Kn is the 14th bit of CnDn, the second bit the
17th, and so on with the 47th bit the 29th, and the 48th bit the 32nd.
The Foreword, Abstract, and Key Words follow:
FIPS PUB 46-2
FEDERAL INFORMATION
PROCESSING STANDARDS PUBLICATION
1993 December 30
U.S. DEPARTMENT OF COMMERCE/National Institute of Standards and Technology
DATA ENCRYPTION STANDARD (DES)
U.S. DEPARTMENT OF COMMERCE, Ronald H. Brown, Secretary
Technology Administration, Mary L. Good, Undersecretary for Technlogy
National Institute of Standards and Technology, Arati Prabhakar, Director
Foreword
The Federal Information Processing Standards Publication Series of the
National Bureau of Standards (NBS) is the official publication relating to
standards, guidelines, and documents adopted and promulgated under the
provisions of Public Law 89-306 (Brooks Act) and under Part 6 of Title 15,
Code of Federal Regulations. These legislative and executive mandates have
