DES Enhancement Using Key-Based Randomized Initial Permutation Shakir M. Hussain 1 and Hussein Al-Bahadili 2 1 Faculty of IT, Applied Science University, Amman, Jordan 2 Faculty of IT and Systems, Arab Academy for Banking and Financial Sciences, Amman, Jordan Abstract - This paper introduces a new method to enhance the performance of the Standard Data Encryption Standard (DES), or any permutation dependent encryption algorithms, by increasing the brute-force attack time complexity by a factor of 64!. The new algorithm is referred to as Enhanced DES (EDES). This is done by replacing the predefined initial permutations (IP) and its inverse (IP -1 ) that are used in the standard DES design with key-based permutations. The new permutations are derived using the Key-Based Random Permutation (KBRP) method. These permutations are derived by using the same cipher key that is used in the standard DES. Therefore, these permutations will not be fixed and can be considered as pseudorandom permutations. The performance of the new EDES algorithm is examined in term of the features of the generated ciphertext and processing time. Keywords: DES; Block cipher; Random Permutation; Key- Based Random Permutation (KBRP) method; Randomness test; Brute-force attack. 1 Introduction The Data Encryption Standard (DES) is one of the most widely used data security algorithm. It was first proposed by IBM in a project called Lucifer [1] which comes as a reply to a request from the National Institute of Standards and Technology (NIST) for developing a national symmetric- key crypto system. The IBM proposal was slightly modified by the NIST, and then it was accepted and referred to as DES. It was published in the Federal Register in March 1975 and adopted in 1977 as Federal Information Processing Standard 46 (FIPS PUB 46) [2]. The DES is a symmetric-key block cipher that uses 56-bit cipher key. The encryption process is made of the following main blocks: (i) two permutations (P-boxes), which are called initial permutation (IP) and its inverse (IP -1 ), (ii) sixteen Feistel rounds, (iii) 32-bit swap, and (iv) round-key generator. Each round uses different 48-bit key generated using the input cipher key, according to a predefined algorithm, as shown in Figure (1) [3,4]. Each of the above P-boxes takes a 64-bit input and plaintext/ciphertext permutes them according to a predefined rule. This design for the DES provides a certain level of security. In order to enhance the security of DES, a number of techniques have been proposed and developed to produce a number of DES variations. In this paper, we propose an efficient modification to the standard DES design by introducing a cipher key-based permutation. The key-based permutation is generated using an adequate and a reliable method, namely, the Key-Based Random Permutation (KBRP) method [5], which generates a permutation depending on the input cipher key. This permutation is used to replace the predefined permutation in the standard DES design. The new proposed algorithm is referred to as Enhanced DES (EDES). The rest of this paper is organized as follows. Section 2 describes the KBRP method, and how it will be customized and used in this research. In Section 3, a detail description of the EDES algorithm is presented. In Section 4, in order to evaluate the performance of the EDES, a number of experiments are performed for enciphering/deciphering different plaintext files with various cipher keys. The performance is evaluated in terms of comparing the randomness of the ciphertext and the processing times for both DES and EDES. Finally, in Section 5, conclusions are drawn and recommendations for future work are pointed- out. 64-bit plaintext Initial permutation Final permutation Round 1 Round 2 Round 16 Round-key generator K 1 48-bit K 2 48-bit K 16 48-bit 64-bit ciphertext 56-bit cipher key