I've just been studying the DES crypto algorithm as presented by Christof Paar in his book entitled, Understanding Cryptography as well as his lecture. There is a diagram on page 68 of the text where the key schedule is shown and I understand the following information about it already:
- A 64 bit "key" is originally input
- That 64 bit key has 8 bits removed from it during the Permuted Choice 1 permutation, making it now a 56 bit key.
- The 56 bits output from PC-1 are now split into two subsections, $C_0$ and $D_0$ , each of which are 28 bits.
$C_0$ and $D_0$ each have their respective 28 bits rotated left once if the round is 1,2,9, or 16, otherwise their respective bits are rotated left by 2 bits.
** After the above occurs, the permuted 56 bits gets processed by the Permuted Choice 2 permutation and the output is a 48 bit round key. **
I highlighted item #5 here because this is where my confusion lies and the precursor to my question: Once we have a round key, $k_1$ for example, it is obviously then placed into the $f$ function as input along with the $R_i$. However, after this round completes, the round key $K_i$ is 48 bits but the key schedule transforms appear to take a 56 bit input. Can someone please explain how we get from a round key such as $k_2$ (the subkey for round 2 of the algorithm) to round key $k_3$? Is the original key re-used again for each round transformation or is the previous rounds key used?
