A Family of Light-Weight Block Ciphers Based on DES Suited for RFID Applications

We propose a new block cipher, DESL (DES Lightweight extension), which is strong, compact and efficient. Due to its low chip size constraints DESL is especially suited for RFID (Radio Frequency Identification) devices. Our proposed DESL is based on the classical DES (Data Encryption Standard) design, however, unlike DES it uses a single Sbox repeated eight times. This approach makes it possible to considerably decrease chip size requirements. The S-box has been highly optimized in such a way that DESL resists common attacks, i.e. linear and differential cryptanalysis, and the Davies-Murphy-attack. Therefore DESL achieves a security level, which is appropriate for many applications. Furthermore, we propose a lightweight implementation of DESL, which requires 49% less chip size, 85% less clock cycles and 90% less energy than the best AES implementations with regard to RFID applications. Compared to the smallest DES implementation published until now, our DESL design requires 38% less transistors. As a results, our 0.18μm DESL implementation requires a chip size of 7392 transistors (1848 gate equivalences) and is capable to encrypt a 64-bit plaintext in 144 clock cycles. When clocked at 100 kHz, it draws an average current of only 0.89μA. These hardware figures are in the range of the best eSTREAM candidates, comprising DESL as a new alternative for stream ciphers.