Annual International Cryptology Conference

CRYPTO 1992: Advances in Cryptology — CRYPTO’ 92 pp 512-520

DES is not a Group

  • Keith W. Campbell
  • Michael J. Wiener
Conference paper

DOI: 10.1007/3-540-48071-4_36

Volume 740 of the book series Lecture Notes in Computer Science (LNCS)

Abstract

We prove that the set of DES permutations (encryption and decryption for each DES key) is not closed under functional composition. This implies that, in general, multiple DES-encryption is not equivalent to single DES-encryption, and that DES is not susceptible to a particular known-plaintext attack which requires, on average, 228 steps. We also show that the size of the subgroup generated by the set of DES permutations is greater than 102499, which is too large for potential attacks on DES which would exploit a small subgroup.

Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 1993

Authors and Affiliations

  • Keith W. Campbell
    • 1
  • Michael J. Wiener
    • 1
  1. 1.Bell-Northern ResearchOttawaCanada