Computer Security and Cryptography by

9.4 DES KEY SCHEDULE

Three arrays PC-1, PC-2, and KS specify the 48 key bits that are used on each round (Tables 9.14–9.16). The DES key schedule starts with the 56-bit user key k = (k₀, k₁, …, k₅₅) and derives 16 internal keys k_i = (k_{i, 0}, k_{i, 1}, …, k_{i, 47}) with 0 ≤ i < 16, as shown in Figure 9.5. The 48-bit internal key k_i used on the ith round is derived as follows:

• KS-1: The user key k is inserted in two 28-bit registers [C, D] according to (PC-1).

  

• KS-2: [C₀, D₀] is the initial state of the registers [C, D].
• KS-3: At the start of the ith round, the combined register-pair [C_{i − 1}, D_{i − 1}] is left-circular shifted by KS[i] positions, producing [C_i, D_i]. For example,

  

• KS-4: k_i is derived from the 28 bits of the concatenation of [C_i, D_i] according to (PC-2).

  

Each bit of the user key is used about 13.7 times in a DES-encipherment. The key schedule is designed to use the key bits of k in as uniform a manner as possible.

TABLE 9.14 PC-1

TABLE 9.15 PC-2

TABLE 9.16 DES Key Shifts

It is ...