Most of this is from Wikipedia: DES
You can also read the official standard FIPS PUB 46.
DES is a now obsolete cipher developed in the 1970's at IBM with the collaboration of the NSA.
While DES can now be cracked it is only because of the 56 bit key, which is too short.
In other ways DES is a "masterpiece" of symmetric encryption that inspired many other systems.
In the 1970s, computerization began to affect industrial communications.
Banks became afraid that a private company would have monopoly over a de facto communication standard.
Important people called for the development of an "open source" encryption standard (mainly for commerce).
While cryptographic work had been top secret, there was now to be an open competition to develop a public standard.
NBS = National Bureau of Standards (now NIST = National Institute for Standards and Technology)
NSA = National Security Agency (in charge of US cryptography)
On 15 May 1973, after consulting with the NSA, NBS solicited proposals for a cipher that would meet rigorous design criteria.
The first competition failed, but in a second competition IBM submitted Lucifer).
Lucifer became the prototype for DES.
The Lucifer algorithm makes use of certain bit substitutions called S-boxes.
The NSA changed the S-boxes submitted by IBM.
This created fear that the NSA had backdoored the system.
There were even congressional hearings!
The NSA also shortened the key from 64 to 56 bits.
Later it became known that the NSA tweaks secured DES against differential cryptanalysis.
DES is an example of a block cipher.
For DES, the blocks are $b=64$ bits long.
Thus DES operates in 8 byte chunks.
At the beginning of a DES round, the 64 bit state is broken into two 32 bit halves.
These are the outputs of the previous round: $L_{i-1}$ and $R_{i-1}$.
The $R_{i-1}$ portion is fed through a nonlinear function $f$ which takes a round key $k_i$.
The $R_{i-1}$ is then copied exactly to become $L_i$.
The output of $f$ is then XORed with $L_{i-1}$ to form $R_i$.
Then the $i+1$ round does the same thing to $L_i,R_i$, etc.
Decryption works by doing this backwards.
Encryption:
\begin{align} L_i &= R_{i-1} \\ R_i &= L_{i-1} \oplus f(R_{i-1},k_k) \end{align}Decryption:
\begin{align} R_{i-1} &= L_i \\ L_{i-1} &= R_i \oplus f(R_{i-1},k_k) = R_i \oplus f(L_i,k_k) \end{align}Note that left and right are not swapped in the final round.
The key schedule uses Permuted Choice 1 PC1) and Permuted Choice 2 PC2).