DES Functional Description
www.ti.com
664
SWRU543–January 2019
Submit Documentation Feedback
Copyright © 2019, Texas Instruments Incorporated
Data Encryption Standard Accelerator (DES)
18.1 DES Functional Description
The DES module is an efficient implementation of a DES block cipher. Block ciphers, as opposed to
stream ciphers, operate on blocks of plaintext and ciphertext. The DES block size is 8 bytes. The DES key
consists of 64 binary digits, but only 56 bits are actually used directly by the algorithm. The other 8 bits are
used for error detection.
The 64-bit block of input data to be enciphered is initially permuted, then passed through 16 iterations of a
calculation that uses a cipher function, and finally permutated to the inverse of the initial permutation. At
each of the 16 iterations, a 48-bit key computed from the 64-bit input key is applied to one of the 32-bit
subblocks of the 64-bit input block using the cipher function. The 48-bit key value changes for each
iteration. The result of the cipher function is a 32-bit subblock, which is concatenated with the second 32-
bit input subblock. The resulting 64-bit output block of each iteration feeds back as the input of the next
iteration. To decipher, it is only necessary to apply the same algorithm to the enciphered message block,
taking care that each iteration of the computation will use the same 48-bit key that was used during
enciphering.
The triple DES is the DES used three times in a row (also known as DES-EDE). It uses three keys (key1,
key2, and key3), so that key length is 168 bits effective: a 64-bit block plaintext is encrypted with key1,
decrypted with key2, and encrypted with key3; and a 64-bit ciphertext is decrypted with key1, encrypted
with key2, and decrypted with key3.
Three keying options are defined in ANSI X9.52 for DES-EDE:
• The three keys—key1, key2, and key3—are independent.
• key1 and key2 are independent, but key1 = key3
• key1 = key2 = key3
The first option provides highest level of security; the last option is compatible with single DES. See
Table 18-1 for key use.
Table 18-1. Key Repartition
Mode Key1_L Key1_H Key2_L Key2_H Key3_L Key3_H
64-bit (DES) √ √ X X X X
192-bit (3DES) √ √ √ √ √ √
ECB, CBC, and CFB modes can be used with DES and 3DES modes.
18.2 DES Block Diagram
The module architecture consists of primary blocks, as shown in Figure 18-1. The DES module includes a
register interface and a µDMA and interrupt interface.
Depending of the availability of context and data, the DES engine is automatically triggered to process the
data. The DES engine is directly connected to the context and data registers, such that it can immediately
start processing when all data is available.
Packets (64-bit blocks) must be parsed into blocks and sequentially fed into the DES, which can buffer the
block being processed, as well as an additional block that may be queued in advance.
To Next Page
Loading...
