DES and Triple DES for payments Calculator - ISO8583 standard

How DES {Data Encryption Standard} works

In this example we explain DES encryption for a 16 byte block of data (1234567890000000), with a 16 byte key (0123456789ABCDEF).

First, we permutate the key. This is done by taking the key's binary value, and applying a series of permutations of its bits. Example: 1110001010011011110010000101111111011100001101110100011000110000 is the key, and one permutation is of 9. The first 9 bits are cut from the head and go to the end, like this. 0011011110010000101111111011100001101110100011000110000111000101 This is done a number of times, based on an array of permutations.

Next step is to do apply a similar procedure to the data block. We split the data's binary value into two blocks. We shift the bits of each half a number of times, based on an array of shifts. Then we calculate the result block First, we permutate the key. This is done by taking the keys's binary value, and applying a series of permutations of its bits. Example: 1110001010011011110010000101111111011100001101110100011000110000 is the key, and one permutation is of 9. The first 9 bits are cut from the head and go to the end, like this. 0011011110010000101111111011100001101110100011000110000111000101 This is done a number of times, based on an array of permutations.

Next step is to do apply a series of shifts on the binary data. We split the data's binary value into two blocks.

We shift the bits of each half a number of times to the left, based on an array of shifts.

Then, we calculate the result block by permutating the resulted shifted blocks from above, based on an array of permutations. Not really simple, but it really scrambles the key information. We obtain a really nice and scrambled binary key array.

The data block suffers a similar procedure. We split the binary value in two arrays of bits, left and right. We start scrambling the right part of the data by permutating its bits based on an array of permutations. Then we apply a binary XOR of this data with the scrambled key obtained above.

This is when we start really encrypting the data. We take the result above and split it into groups of 6. For each group, we take the first and 6th bit and calculate the value, name it Row. The middle bits are used to calculate another value, Column.

Using a matrix with rows and columns, we select a value. By concatenating all the binary arrays of these obtained values , we get a nice and big binary array which has nothing to do with the original data any more. Just to make sure it is all very messy, we permutate the obtained result a couple of times, based on a predefined table of permutations.

The new value of the right half is now very messy, and as a final action, we perform a binary XOR between the left part and the permutated result. This is the final value of the right half. The left half will be the previous value of the right half.

We apply this procedure 17 times, to get it all very messy, and to be sure, we concatenate the left and right halves, permutate their bits based on another permutations array, and we have the final value of the encrypted block.

According to wiki documentation on [ Data Encryption Standard ],these days, a brute force attack can break this encryption in about 22 hours by trying out all possible combinations. The real limitation of this algorithm is really the length of the key, otherwise it is as messy as the most twisted mind can think of.

Anyway, since it can be broken so easily, Triple DES steps in to help. It uses a double or triple length key and, in simple words, it encrypts the block with the first part, decrypts with the second, and encrypts again with the first.