Article
Card image cap for article

Building DES Encryption: Applying SOLID Principles to Real-World Cryptography

Cybersecurity

11/6/2025

Why Coding is Instrumental in Understanding Encryption Schemes

True understanding only happens through immersion. When it comes to encryption by the Data Encryption Standard (DES), this means going far beyond reading an article or watching a tutorial. Real learning begins for me once I write my own implementation.

Studying a well-chosen textbook [1] and reviewing the formal specifications [2] gives me an efficient grounding in the principles of DES. Beyond that, coding forces me to confront the deeper mechanics of an algorithm.

What is Encryption and Why is it so Vital?

Encryption is the process of transforming readable information, known as plaintext, into an unintelligible format called ciphertext using mathematical algorithms and secret values known as keys. The primary goal is to ensure that only authorized parties can access the original data, even if the encrypted information is intercepted by adversaries on insecure networks.

Encryption relies on two main operations: scrambling data so that outsiders can't make sense of it, and later reversing the process for those with the correct key. This discipline, called cryptography, underpins secure communication in everyday life – from web browsing to banking and private messaging.

Encryption not only provides confidentiality but also supports integrity checks, authentication, and proof that a message genuinely comes from its sender, making it crucial for protecting information in modern digital systems.

Kerckhoffs's Principle

One of the fundamental principles guiding modern cryptography is Kerckhoffs’s principle: a cryptosystem should remain secure even when everything about it, except the secret key, is known.

This principle emphasizes transparency and resilience. Security must come from design strength and an appropriately sized and managed secret key in symmetric cryptography, not obscurity.

Key Factors for Robust and Safe Crypto Algorithms

Key properties for robust cryptographic algorithms are diffusion and confusion, as defined by Shannon. DES is a well-known example of a symmetric encryption scheme that systematically combines both properties to maximize security, following their formal introduction in the 1970s.

Diffusion spreads the influence of each bit of plaintext across the ciphertext, while confusion hides the relationship between key and output. Together, they ensure that even small changes in input produce unpredictable results and that no exploitable patterns remain, making the system robust against both statistical and brute-force attacks.

Non-linearity is essential. Non-linear operations make it far more difficult for attackers to uncover relationships between inputs and outputs. This is why linear feedback shift registers (LFSRs), which are mathematically predictable, are inadequate alone for strong cryptographic protection.

Efficiency is another key factor: encryption should be computationally viable, minimizing resource consumption without compromising security. It should be deployable in both high-throughput systems and resource-constrained devices.

Limitations of DES and Why it Was Abandoned in 1999

Robust crypto algorithms must have sufficiently large key sizes to prevent brute-force attacks, especially considering the emergence of GPUs and quantum computing, which threaten many current algorithms.

New attack strategies, such as linear and differential cryptanalysis exposed weaknesses that were earlier hidden from public scrutiny.

Modern standards often require key lengths of at least 256 bits for symmetric algorithms or post-quantum equivalents to address future risks. That is the main reason why DES was abandoned, because the effective key size of 48 bits in symmetric encryption is not sufficient.

By 1999, DES was replaced by the Advanced Encryption Standard (AES), which features larger key sizes and stronger security given the modern computational capabilities.

Data Encryption Standard (DES)

Why Investigate DES?

The reason why I chose DES as the object stems from the following background:

  • DES was the first modern encryption algorithm
  • design principles of DES have inspired many current ciphers
  • confusion and diffusion are important properties of all modern block ciphers

Studying it helps to understand many other symmetric algorithms.

Origins and Development

DES was adopted as a Federal Information Processing Standard (FIPS PUB 46) in 1977 for protecting sensitive data [2]. It quickly set the benchmark for data encryption, serving both government and commercial sectors worldwide.

Acceptance and Best Practice Period

DES was considered the gold standard for symmetric encryption from its ratification in 1977 through the late 1990s. For more than two decades, it safeguarded banking, financial, and government data.

DES Algorithm

DES [1] encrypts and decrypts data in 64-bit blocks using a single, shared secret key (Original Key k in the schematic drawing). After the PC - 1 permutation, an effective key length of 56 bits (the remaining 8 bits of its 64-bit key are reserved for error-detection parity) remains. Each sub key of the 16 rounds is generated by stripping off the parity bit and by left rotation of the remaining halves, each 28 bit in size.

The encryption begins with an initial permutation (IP) that shuffles the order of the 64 input bits. Each round splits the 64-bit data block into two halves - left (L) and right (R).

The right half is transformed by the Feistel function (f) using a sequence of steps:

  • expansion (to 48 bits)
  • mixing with a sub key (unique per round, derived from the main key)
  • non-linear substitution using specially designed S-boxes, and permutation

The transformed right half R is combined with the left half L by an XOR operation, and the halves are swapped for the next round. This swap ensures the symmetry necessary for easy decryption. The original right half Ri is copied over to become the next left half Li+1. Thereby, it does not get lost and can be used for decryption.

After the 16 rounds, the two halves are recombined and run through a final inverse permutation, producing the 64-bit output block (Cyphertext y).

Decryption uses the same process in reverse, applying the round keys in the opposite order, a direct benefit of the Feistel function.

DES can operate in several block cipher modes, such as Electronic Codebook (ECB), Cipher Block Chaining (CBC), and Output Feedback (OFB).

Building a Practical DES Tool in C#/.NET

I built a semi‑professional command‑line interface (CLI) app that implements the DES algorithm in C# 12 and .NET 8, without using the DES library of the .NET Base Class Library (BCL).

The repository in GitHub of my own solution is openly accessible [3] and has a README file with more technical explanations.

The project isn’t just “make it work”. It’s an exercise in design, learning, and producing code that is written with a structure following good coding principles, namely "clean code" according to Robert C. Martin [4].

Why this Approach Matters

  • Learning with purpose: I learn best by designing and implementing the pieces myself. That’s where real understanding comes from: knowing why something works, not just that it works.
  • Object-oriented "clean code" design principles are called "SOLID" [5, 6]: the aim is to write clean code that makes it hard for bugs to hide, is easy to maintain and improve, has consistent documentation, clear error messages, and tests that make future changes safer.

How the App is Organised (High Level)

  • Small focused pieces: the program is split into clear parts; a command‑line handler (parses options and wires things together), a file I/O module (reads/writes files or stdin/stdout), and the DES implementation. Each part has one purpose, so it’s easy to follow and change.
  • Pluggable crypto: the CLI talks to an abstraction rather than a hard‑coded algorithm. That means I can swap DES for AES or another cipher without rewriting the command line or file logic

Design Principles

  • Single responsibility: each class does one thing well (e.g., “parse arguments” or “read files”)
  • Open for extension: I can add new ciphers or features without changing the existing code that uses them
  • Depend on ideas, not details: the high‑level code relies on simple contracts (interfaces), not specific implementations; this makes swapping components easy

Testing and Confidence

  • Small interfaces make unit and component tests simple. For example, tests can provide dummy file readers or dummy ciphers so the CLI behavior is verified without utilizing the disk
  • The project includes exact test vectors and a block‑level APIs so the implementation can be compared byte‑for‑byte with trusted reference implementations (from the .NET library). That gives strong confidence that the algorithm is correct.

Practical Concerns & Scalability

  • Streaming I/O: the file code supports streaming, so the application won’t have to load large files fully into memory
  • Streaming and block ciphers facilitate the possibility to efficiently run fast encryption cracking software on my NVIDIA RTX 4070 GPU later
  • Swap out DES easily: because the code uses a cipher abstraction, upgrading to a modern cipher (recommended for security) is a simple substitution.

Reminder of Security of DES and Extensibility

DES is an educational and historical cipher. It’s not recommended for securing new systems. The architecture I implemented makes it easy to move to a secure alternative like AES for my next study topic.

Summary

This article explains symmetric encryption using the Data Encryption Standard (DES) and describes a code implementation with the object-oriented software language C#.

References

[1] "Understanding Cryptography: From Established Symmetric and Asymmetric Ciphers to Post-Quantum Algorithms", book by Christof Paar, Jan Pelzl, and Tim Güneysu, 2nd Edition, Springer, 2024, URL: https://www.amazon.de/dp/3662690063

[2] Specification of the Data Encryption Standard (DES) by NIST, URL: https://csrc.nist.gov/pubs/fips/46-3/final

[3] GitHub repository, URL: https://github.com/DirkMueller8/DesCli.git

[4] "Clean Code: A Handbook of Agile Software Craftsmanship", book by Robert C. Martin, Prentice Hall, 2009, URL: https://www.amazon.com/Clean-Code-Handbook-Software-Craftsmanship/dp/0132350882

[5] "SOLID Design Principles Explained: Building Better Software Architecture", article by Digital Ocean with examples in PHP, URL: https://www.digitalocean.com/community/conceptual-articles/s-o-l-i-d-the-first-five-principles-of-object-oriented-design

[6] "SOLID Principles In C# With Examples" by C# Corner, URL: https://www.c-sharpcorner.com/UploadFile/damubetha/solid-principles-in-C-Sharp/

Go back