Data Encryption and Decryption:

Implementing a MIPS32 Library for

Simplified Data Encryption Standard (S-DES)

COE301: Computer Organization

Term 241

October 22nd, 2024

1 Introduction
As computers are becoming more intrusive and prevalent in different facets of life, digital privacy and
security is evermore becoming important. To protect the integrity and privacy of data, encryption aims at
obscuring the data by performing multiple operations given a secret key. In its essence, data encryption is
meant to be computational expensive to prohibit exhaustive search of encryption keys. When designing a
compute system, data encryption is a very important operation, as it is used very often and incurs heavy
load on the compute system. In non-homomorphic encryption, an encrypted data is decrypted first to
perform various operations, and the result must be encrypted before it is stored again. To design an
efficient instruction set architectures (ISA), one must be familiar with the complexity of data encryption
and decryption, as it is a necessity in today’s digital world.

The goal of this programming assignment is to develop a library for simplified data encryption
standard (S-DES), which is a simplified encryption scheme of data encryption standard (DES) [7]. The
program will take as an input two strings: a password and a message. The program will create a key
from the password. The program will ask the user for the requested operation: either encryption or
decryption. Then, the program will use the implemented library of (S-DES) to either encrypt or decrypt
the given message. If the requested operation is encryption, then the provided message from the user is
treated as a string of 8-bit ASCII characters. On the other hand, if the requested operation is decryption,
then the provided message is treated as a hexadecimal number (the digits of the hexadecimal number
is represented as 8-bit ASCII characters), which needs to be parsed correctly. The result of either
encryption (a string of hexadecimal digits represented through 8-bit ASCII characters) or decryption (a
string of 8-bit ASCII characters) is finally printed to the user.

The rest of this document is structured as follows: Section 2 discusses the simplified data
encryption standard (S-DES), Section 3 provides an example C programming language implementation
of the simplified data encryption standard (S-DES) library, and Section 4 clarifies the deliverables and
the interface required for the program.

2 Simplified Data Encryption Standard (S-DES)

Simplified data encryption standard (S-DES) is based on the National Bearu of Standards’ (NBS) data
encryption standard (DES) [7]; DES is a block-cipher symmetric-key encryption scheme proposed by
NBS in 1977. Based on the work by Horst Feistel[5, 6], IBM developed DES and submitted it to the
NBS as part of a initiative to protect data security and privacy. Before being published in 1976, the NBS
modified DES slightly to address some weaknesses. The modifications has sparked a lot of debate since it
made DES susceptible to brute-force attacks[3]. However, it has been revealed retrospectively that NBS
was making DES more resilient against differential cryptanalysis[1, 2]. Note: S-DES has been developed
specifically for this assignment and bears no relation to S-DES proposed by Edward Schaefer[4].

1
 Data Key
Block
32 32

Initial
Permutation
32
32
Round 0

. 32
32
ROTR 4
Round 1
.
32 ROTR 4
. 32
Round 2
In Block
Round-Key

Generate Round-Key
32 ROTR 4
32
Round 3
32 ROTR 4
Sbox Sbox Sbox Sbox Sbox Sbox Sbox Sbox
32
Round 4
32
Out Block ROTR 4
32
. Round 5
32
. 32
ROTR 4
Round 6
. 32
ROTR 4
32
Round 7
32

Final
Permutation
32

Cipher
Block

Figure 1: S-DES Overview–General overview of the S-DES encryption scheme; to decrypt, the flow
goes from the bottom to the top; while to encrypt, the flow goes from the top to the bottom.

The S-DES is composed of four major functionalities: generating key from plain-text password,
generating round-key, permutation, and S-DES rounds. Figure 1 shows the overview of the S-DES
scheme. Input data to encrypt is divided into blocks of 32-bit, hence the block-cipher nature of S-DES.
If the data length is not divisible by 32, the data is padded with zeros. Each block is encrypted with
the S-DES scheme shown in Figure 1. To decrypt a cipher data, the S-DES scheme is applied in exact
reverse (i.e., starting from the bottom of the scheme towards the top).

2
 Hexadecimal Digit
round num % 4 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
0 2 12 4 1 7 10 11 6 8 5 3 15 13 0 14 9
1 14 11 2 12 4 7 13 1 5 0 15 10 3 9 8 6
2 4 2 1 11 10 13 7 8 15 9 12 5 6 3 0 14
3 11 8 12 7 1 14 2 13 6 15 0 9 10 4 5 3

Table 1: S-Box Substitution–This table shows the substitution for each hexadecimal digit (i.e., nibble)
of the block based on the round number modulo four.

2.1 Key Generation

S-DES generates a 32-bit key from a given plain-text password. The algorithm for key generation is very
simple; for every character of the plain-text password:

1. The 8-bit ASCII of the character is XOR’ed with the 32-bit key (which is initialized to zero).

2. The 32-bit key is rotated rotated-right by 8-bit.

3. The 8-bit ASCII of the character is added to the 32-bit key.

2.2 Generating Round-Key

Each S-DES round will take a 32-bit round-key that is derived from the main 32-bit key. To generate a
round-key round x, the main 32-bit key is rotated right by x × 4 times.

2.3 Permutation
Each block of data is first permutated (i.e., the bits of the block are shuffled) before being operated and
processed. At the end of the S-DES scheme, a reverse permutation is applied to restore the original order
of the bits. In S-DES, the initial permutation is a simple bit-reversal of the block; therefore, the reverse
of the initial permutation is the same (i.e., a simple bit-reseveral).

2.4 Round
In S-DES, the block will go through consecutive eight rounds of cipher; the input of each round is the
output of the previous round. First round takes its input from the initial permutation, while the last
round gives its output to the final permutation. In each round, the incoming block is XOR’ed with the
corresponding round-key (i.e., for round x, the incoming block is XOR’ed with round-key x). Then,
the XOR’ed block is passed through S-boxes (substitution boxes). S-boxes simply replace each 4-bit
hexadecimal digit (i.e., a nibble) of the block with a different value according to fixed dictionary. The
dictionary is shown in Table 1. There are four dictionaries–first four rounds use different dictionaries,
then the subsequent four rounds re-use the four dictionaries. The S-boxes replacement is what makes
the S-DES non-linear making it resilient against differential cryptanalysis.

2.5 DES vs. S-DES

The S-DES is a scheme that has been developed to reflect similar functionality and mirror the strength
of the original DES[7] algorithm, while simplifying the implementation. Comparing S-DES and DES,
couple of differences stand out:

1. block size is 64 bits.

2. The initial permutation is more elaborate than a simple bit reveral.

3. The key is 56 bit rather than 32 bit. The 48-bit round-key is generated by dividing the 56 bits into
two 28-bit numbers; the halves are rotated left by either one bit or two bits, respectively. Then
a 48-bit round-key is selected from these 28-bit halves–24 bits from one half and 24 bits from the
other half. Each round will have different selection depending on predetermined permutation.

3
 4. The round divides the 64-bit block to 32-bit halves. The round-key is XOR’ed with a one half. The
half is expanded into 48 bits by duplicating bits (known as expansion permutation). The S-boxes
replace each 6 bits into 4 bits. Instead of using a modulo of the round number to determine the
second dimension, the two outer bits (i.e., the most-significant and least-significant bits) are used
to address the second dimension. Finally, the outcome of the S-boxes is XOR’ed with the other
half of the block.

5. instead of 8 rounds, DES emplyes 16 rounds.

3 Implementation of S-DES Library

This section will show-case an example implementation of the S-DES scheme in the C programming
language. You may use this implementation as a guidance for your MIPS32 implementation.

3.1 Padding and Sanitizing Input

To properly handle inputs, you should read user input as a string into an intermediate buffer. Then,
you can process the raw input from the intermediate buffer into a final buffer. Part of the processing
is to sanitize (i.e., remove unwanted characters) and pad (i.e., add extra characters). In our case, to
sanitize the message string, we replace newline characters with null-characters, thus terminating the
string whenever we encounter a newline character. Padding should happen before the encryption routine
to avoid any dependencies and assumptions about endianness. Here is the padding implementation:
1 unsigned int pad_text ( char * padded , char * unpadded ) {
2 unsigned int len = 0;
3
4 /* Get string length */
5 char ch = 0;
6 do {
7 ch = unpadded [ len ++];
8 } while ( ch && ch != ’\ n ’) ;
9
10 /* Get padding amount */
11 unsigned int npadding = (4 - ( len % 4) ) % 4;
12
13 /* Copy the original string */
14 while (* unpadded && * unpadded != ’\ n ’) {
15 * padded ++ = * unpadded ++;
16 }
17
18 /* Make sure to turn a possible newline to null - character */
19 * padded ++ = ’ \0 ’;
20 for ( int i = 0; i < npadding ; i ++) {
21 * padded ++ = ’ \0 ’;
22 }
23
24 return (( len + 3) / 4) ;
25 }

3.2 Generating 32-bit Main Key

The plain-text password is read from the user. The plain-text password is cleaned and any newline
character is removed (i.e., turned to a null-character). Then, the buffer containing the plain-text password
is passed as a parameter to the function to generate the 32-bit main key, shown below:
1 unsigned int sdes_gen_key ( char * pw ) {
2 unsigned int k = 0;
3
4 while (* pw && * pw != ’\ n ’) {
5 char c = * pw ++;
6 k = k ^ c;
7 k = (( k & 0 xFF ) << 24) | ( k >> 8) ;
8 k = k + c;
9 }
10
11 return k ;
12 }

4
 3.3 Permutation
In the S-DES scheme, both initial and final permutation are implemented the same (since a reverse of a
bit-reversal is a bit-reversal):
1 unsigned int sdes_perm ( unsigned int d ) {
2
3 unsigned int r = d ;
4
5 r = (( r & 0 xFFFF0000llu ) >> 16) | (( r & 0 x0000FFFFllu ) << 16) ;
6 r = (( r & 0 xFF00FF00llu ) >> 8) | (( r & 0 x00FF00FFllu ) << 8) ;
7 r = (( r & 0 xF0F0F0F0llu ) >> 4) | (( r & 0 x0F0F0F0Fllu ) << 4) ;
8 r = (( r & 0 xCCCCCCCCllu ) >> 2) | (( r & 0 x33333333llu ) << 2) ;
9 r = (( r & 0 xAAAAAAAAllu ) >> 1) | (( r & 0 x55555555llu ) << 1) ;
10
11 return r ;
12 }

3.4 Generating 32-bit Round-Key

To generating a 32-bit round-key, we require to implement a simple rotate right function. In C, there is
no operation to perform rotation; as a result, we have to verbosely implement the rotation using shifts
and bit-wise OR operations. However, when implementing this in MIPS32, you may leverage rotation
instructions, instead.
1 unsigned int s d e s _ g e n _ r o u n d k e y ( unsigned int i , unsigned k ) {
2 /* Just a Simple Rotation */
3 unsigned int nbits = ( i % 8) * 4;
4
5 unsigned mask = (1 llu << nbits ) - 1;
6 unsigned res = (( k & mask ) << (32 - nbits ) ) | ( k >> nbits ) ;
7
8 return res ;
9 }

3.5 S-DES Encryption

First, we need a top function that would take input padded plain-text and break it into blocks. Each
block then can be encrypted independently.
1 void sdes_encrypt ( char * _clear , char * _cipher , unsigned int key , unsigned int nblocks ) {
2 unsigned int * clear = ( unsigned int *) _clear ;
3 unsigned int * cipher = ( unsigned int *) _cipher ;
4
5 for ( int i = 0; i < nblocks ; i ++) {
6 /* Get a block from the string */
7 unsigned int block = clear [ i ];
8
9 /* Encrypt */
10 unsigned int cipher [ i ] = s d e s _ e n c r y p t _ b l o c k ( block , key ) ;
11 cipher [ i ] = e_block ;
12 }
13 }

The encryption routine for S-DES is just the application ot initial permutation, followed by
eight rounds (with generating their respective round-keys), and then concluding with final permutation:
1 unsigned int s d e s _ e n c r y p t _ b l o c k ( unsigned int x , unsigned int key ) {
2 unsigned int d = 0;
3
4 d = sdes_perm ( x ) ;
5 for ( int i = 0; i < 8; i ++) {
6 unsigned int roundkey = s d e s _ g e n _ r o u n d k e y (i , key ) ;
7 d = s d e s _ e n c r y p t _ r o u n d (i , d , roundkey ) ;
8 }
9 d = sdes_perm ( d ) ;
10
11 return d ;
12 }

5
 The S-DES encryption rounds are simply an XOR followed by S-boxes:
1 unsigned int s d e s _ e n c r y p t _ r o u n d ( unsigned int i , unsigned int block , unsigned int rkey ) {
2 unsigned int cipher = 0;
3
4 cipher = b ;
5 cipher = cipher ^ rkey ; /* XOR */
6 cipher = s d e s _ e n c r y p t _ s b o x (i , cipher ) ; /* Substitution */
7
8 return cipher ;
9 }

The S-boxes are simple look-up tables:

1 char sbox [][16] = {{ 2 , 12 , 4 , 1 , 7 , 10 , 11 , 6 , 8 , 5 , 3 , 15 , 13 , 0 , 14 , 9} ,
2 { 14 , 11 , 2 , 12 , 4 , 7 , 13 , 1 , 5 , 0 , 15 , 10 , 3 , 9 , 8 , 6} ,
3 { 4 , 2 , 1 , 11 , 10 , 13 , 7 , 8 , 15 , 9 , 12 , 5 , 6 , 3 , 0 , 14} ,
4 { 11 , 8 , 12 , 7 , 1 , 14 , 2 , 13 , 6 , 15 , 0 , 9 , 10 , 4 , 5 , 3}};
5
6 unsigned int s d e s _ e n c r y p t _ s b o x ( unsigned int i , unsigned int block ) {
7 unsigned int res = 0;
8 i = i % 4;
9
10 for ( int n = 0; n < 8; n ++) {
11 char c = block & 0 xF ;
12 char s = sbox [ i ][ c ];
13 res = ( s << 28) | ( res >> 4) ;
14
15 block = block >> 4; /* Done with one nibble */
16 }
17
18 return res ;
19 }

3.6 S-DES Decryption

S-DES decryption is the opposite of the encryption, where we preform the scheme in exactly the same
opposite direction of low. There are a lot of re-use of functions between both, so only the differece would
be shown in this Subsection.

First, we start with the a top function to break incoming hexadecimal data into blocks:
1 void sdes_decrypt ( char * _cipher , char * _clear , unsigned int key , unsigned int nblocks ) {
2 unsigned int * clear = ( unsigned int *) _clear ;
3 unsigned int * cipher = ( unsigned int *) _cipher ;
4
5 for ( int i = 0; i < nblocks ; i ++) {
6 /* Get a block from the string */
7 unsigned int e_block = cipher [ i ];
8
9 /* Encrypt */
10 unsigned int block = s d e s _ d e c r y p t _ b l o c k ( e_block , key ) ;
11 clear [ i ] = block ;
12 }
13 }

Then, we implement a function to implement S-DES decryption of one block:

1 unsigned int s d e s _ d e c r y p t _ b l o c k ( unsigned int x , unsigned int key ) {
2 unsigned int d = sdes_perm ( x ) ;
3 for ( int i = 0; i < 8; i ++) {
4 unsigned int roundkey = s d e s _ g e n _ r o u n d k e y (7 - i , key ) ;
5 d = s d e s _ d e c r y p t _ r o u n d (7 - i , d , roundkey ) ;
6 }
7 d = sdes_perm ( d ) ;
8
9 return d ;
10 }

Please, note that the rounds are sequenced from 7 down to 0 (i.e., in opposite order of the
encryption)

6
 Then, we implement a decryption round:
1 unsigned int s d e s _ d e c r y p t _ r o u n d ( unsigned int i , unsigned int ciph , unsigned int rkey ) {
2 unsigned int block = 0;
3
4 block = s d e s _ d e c r y p t _ s b o x (i , ciph ) ; /* Substitution */
5 block = block ^ rkey ; /* XOR */
6
7 return block ;
8 }

Finally, the S-boxes are simple reverse substitution:

1 char xobs [][16] = {{ 13 , 3, 0, 10 , 2 , 9 , 7 , 4 , 8 , 15 , 5 , 6 , 1 , 12 , 14 , 11} ,
2 { 9, 7, 2, 12 , 4 , 8 , 15 , 5 , 14 , 13 , 11 , 1 , 3 , 6 , 0 , 10} ,
3 { 14 , 2, 1, 13 , 0 , 11 , 12 , 6, 7, 9, 4, 3 , 10 , 5 , 15 , 8} ,
4 { 10 , 4, 6, 15 , 13 , 14 , 8 , 3 , 1 , 11 , 12 , 0 , 2 , 7 , 5 , 9}};
5
6 unsigned int s d e s _ d e c r y p t _ s b o x ( unsigned int i , unsigned int block ) {
7 unsigned int res = 0;
8 i = i % 4;
9
10 for ( int n = 0; n < 8; n ++) {
11 char c = block & 0 xF ;
12 char s = xobs [ i ][ c ];
13 res = ( s << 28) | ( res >> 4) ;
14
15 block = block >> 4; /* Done with one nibble */
16 }
17
18 return res ;
19 }

4 Deliverables
The main deliverable of the programming assignment is a MIPS32 assembly file that implements a
program. The program asks the user for requested operation (“e” for encryption and “d” for decryption).
The program then asks the user for the data to encrypt or decrypt; the data is a plain-text message for
encryption, whereas the data is a hexadecimal string (i.e., a string of hexadecimal digits) for decryption.
Finally, the program asks for plain-text password to use for encryption or decryption. An example of
how the inputs and outputs should be handled is shown in Figure 2. Please, pay attention to the format
of the output. The output of the program should be the last line with either: “Encrypted Message = ”
or “Decrypted Message = ”. The output strings should be between double-qoutes, as shown in Figure 2.

Testing and Verification–You should spend a lot of effort writing testing and verification
for your program. Make sure that you test every corner case you can think of. Also, verify your
implementation with different emulators. Possible emulators: SPIM, jsSPIM, or QEMU. As usual,
refrain from using pseudo-instructions as they are not universally supported by every assembler.

Choose an operation (e = encrypt, d = decrypt): e

What is the message to encrypt? Ans Q5(c) = 0xdeadbeef
Password to use: SuperSecretP@ssw0rd!
Encrypted Message = "af2d7809efef01575802ea099d6a475f6f204f5f6129a949"

Choose an operation (e = encrypt, d = decrypt): d

What is the message to decrypt? af2d7809efef01575802ea099d6a475f6f204f5f6129a949
Password to use: SuperSecretP@ssw0rd!
Decrypted Message = "Ans Q5(c) = 0xdeadbeef"

Figure 2: Example Output of The Program–Input is given in the exact order shown. The output
is expected to be the last line. Do not forget to wrap your messages with double-quotes.

7
References
[1] Eli Biham and Adi Shamir. “Differential Cryptanalysis of DES-Like Cryptosystem”. In: Journal of
Cryptology 4.1 (1991).
[2] Eli Biham and Adi Shamir. “Differential Cryptanalysis of the Full 16-Round DES”. In: Proc. of
Crypto (1992).
[3] Whitfield Diffie and Martin E. Hellman. “Special Feature: Exhaustive Cryptanalysis of the NBS
Data Encryption Standard”. In: Computer 10.6 (1977), pp. 74–84.
[4] Schaefer Edward F. “A Simplified Data Encryption Standard Algorithm”. In: Cryptologia 20.1
(1996), pp. 77–84.
[5] Horst Feistel. “Cryptography and Computer Privacy”. In: Scientific American 228.5 (1973), pp. 15–
23.
[6] Horst Feistel. “US3798359A: Block Cipher Cryptographic System”. In: US Patent (1971).
[7] National Bureau of Standard (NBS). “Data Encryption Standard”. In: Federal Information Process-
ing Standards Publication (FIPS PUB) 46 (1977).