More Efficient Software Implementations of (Generalized) DES

This paper serves two purposes: We present some generalizations of the Data Encryption Standard (DES) and explain how to efficiently implement DES and its generalizations in software. By preserving the macro structure of DES, but by allowing the user to choose (1) 16.48 independent key bits instead of generating them all using only 56 key bits, (2) arbitrary substitutions S 1 , ..., S 8 , (3) arbitrary permutations IP and P, and (4) an arbitrary expanding permutation E, we obtain a very general and presumably much stronger cipher called generalized DES, or G-DES for short. A cipher having the first three extensions is called G-DES with non-arbitrary E. We choose, in an unorthodox way, from some well known equivalent representations of G-DES and some well suited table combinations and implementations. Concatenations of substitutions and permutations are precomputed and tabulated. Since direct tabulation of e.g. a permutation of 32 bits requires 2 32 entries of 4 bytes each, which..