DES is not a Group

  • Keith W. Campbell
  • Michael J. Wiener
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 740)

Abstract

We prove that the set of DES permutations (encryption and decryption for each DES key) is not closed under functional composition. This implies that, in general, multiple DES-encryption is not equivalent to single DES-encryption, and that DES is not susceptible to a particular known-plaintext attack which requires, on average, 228 steps. We also show that the size of the subgroup generated by the set of DES permutations is greater than 102499, which is too large for potential attacks on DES which would exploit a small subgroup.

References

  1. 1.
    D. Coppersmith, “In Defense of DES”, personal communication, July 1992 (This work was also described briefly in a posting to sci.crypt on Usenet News, 1992 May 18).Google Scholar
  2. 2.
    D. Coppersmith, “The Real Reason for Rivest’s Phenomenon”, Advances in Cryptology-Crypto’ 85 Proceedings, Springer-Verlag, New York, pp. 535–536.Google Scholar
  3. 3.
    Data Encryption Standard, Federal Information Processing Standards Publication 46, National Bureau of Standards, U.S. Department of Commerce, Washington, DC (1977 Jan. 15).Google Scholar
  4. 4.
    B.S. Kaliski, R.L. Rivest, and A.T. Sherman, “Is the Data Encryption Standard a Group? (Results of Cycling Experiments on DES)”, Journal of Cryptology, vol. 1 (1988), no. 1, pp. 3–36.CrossRefMATHMathSciNetGoogle Scholar
  5. 5.
    J.H. Moore and G.J. Simmons, “Cycle Structure of the DES with Weak and Semi-weak Keys”, Advances in Cryptology-Crypto’ 86 Proceedings, Springer-Verlag, New York, pp. 9–32.Google Scholar
  6. 6.
    H. Morita, K. Ohta, and S. Miyaguchi, “A Switching Closure Test to Analyze Cryptosystems”, Advances in Cryptology-Crypto’ 91 Proceedings, Springer-Verlag, New York, pp. 183–193.Google Scholar
  7. 7.
    J.-J. Quisquater and J.-P. Delescaille, “How easy is collision search? Application to DES”, Advances in Cryptology-Eurocrypt 89 Proceedings, Springer-Verlag, New York, pp. 429–434.Google Scholar
  8. 8.
    J.-J. Quisquater and J.-P. Delescaille, “How easy is collision search. New results and applications to DES”, Advances in Cryptology-Crypto’ 89 Proceedings, Springer-Verlag, New York, pp. 408–413.Google Scholar
  9. 9.
    R. Sedgewick, T.G. Szymanski, and A.C. Yao, “The complexity of finding cycles in periodic functions”, Siam Journal on Computing, vol. 11 (1982), no. 2, pp. 376–390.CrossRefMATHMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1993

Authors and Affiliations

  • Keith W. Campbell
    • 1
  • Michael J. Wiener
    • 1
  1. 1.Bell-Northern ResearchOttawaCanada

Personalised recommendations