Various DES Information

Results of various rounds of DES

Rounds Clear Text
bits changed Encryption Key
bits changed

0 1 0

1 6 2

2 21 14

3 35 28

4 39 32

5 34 30

6 32 32

7 31 35

8 29 34

9 42 40

10 44 38

11 32 31

12 30 33

13 30 28

14 26 26

15 29 34

16 34 35

Tot. 495 472

Ref: ICSA Guide to Cryptography, 1999; p. 200

DES Known Weak Keys

Key with Parity				Actual Key
0000	0000	0000	0000	0000	0000	0000	0000
1F1F	1F1F	0E0E	0E0E	0000	0000	FFFF	FFFF
E0E0	E0E0	F1F1	F1F1	FFFF	FFFF	0000	0000
FEFE	FEFE	FEFE	FEFE	FFFF	FFFF	FFFF	FFFF

Ref: FIPS and ANSI "Key Management" Specifications

Other Semi-weak DES Keys

01FE	01FE	01FE	01FE	&	FE01	FE01	FE01	FE01
1FE0	1FE0	0EF1	0EF1	&	E01F	E01F	F10E	F10E
01E0	01E0	01F1	01F1	&	E001	E001	F101	F101
1FFE	1FFE	0EFE	0EFE	&	FE1F	FE1F	FE0E	FE0E
011F	011F	010E	010E	&	1F01	1F01	0E01	0E01
E0FE	E0FE	F1FE	F1FE	&	FEE0	FEE0	FEF1	FEF1

Ref: FIPS and ANSI "Key Management" Specifications

It wasn't until about 5-8 years after DES was chosen as the Banking and Government Encryption Standard that the above list of known weak and semi-weak keys were discovered.

It has now been over 20 years and no new weak keys have been discovered recently so we know that if we refrain from using the above listed keys, we are pretty safe.

For Triple DES however, how long (months?/years?) will it be before we discover all of it's weak keys? Until we do, any one of those keys which encrypts data may just happen to cause the encrypted data to be the same as the clear text. (This was the case with one of the above DES Keys).

Key to the Security Mystery Top

Rounds	Clear Text bits changed	Encryption Key bits changed
0	1	0
1	6	2
2	21	14
3	35	28
4	39	32
5	34	30
6	32	32
7	31	35
8	29	34
9	42	40
10	44	38
11	32	31
12	30	33
13	30	28
14	26	26
15	29	34
16	34	35
Tot.	495	472