This paper presents the substitution boxes (s-boxes) found in many block ciphers, and more specifically in DES-like encryption systems. It begins with a brief history of the Data Encryption Standard (DES) and the first public question on the chosen s-boxes. An outline of the DES algorithm is presented, along with a more detailed look of the cipher function that uses the s-boxes. The major methods of cryptanalysis are reviewed, including how they use the s-boxes for their attacks, and how the risk can be mitigated by alternate schemes. Potential changes to s-boxes described, as well as how these changes may or may not strengthen DES-like encryption systems. Finally, there is a brief example of how some researchers underwent rigorous DES-like s-box construction testing.


http://www.sans.org/reading_room/whi...on-systems_768