September 10, 2010
des— Data Encryption Standard
Desprovides 64-bit block cryptography using the Data Encryption Standard, with
-eproviding encryption and
-dproviding decryption. Mode may be
ECBfor Electronic Code Book,
CBCfor Cipher Block Chaining,
CFBfor Cipher Feedback, or
OFBfor Output Feedback. Salt (the initialization vector) should be specified for
OFBmodes; if no salt is given, the first 64-bit block is taken as the salt. Regular DES is performed if a single key is given by
-kkey, and Triple DES is performed if three keys are given; for Triple DES, the third key is optional, and defaults to key1 if not given. Keys and salt are specified by sixteen hexadecimal digits. Input may be specified by filename or on standard input, and output is written to standard output. An n-bit cryptographic hash, where 16 ≤ n ≤ 64 and n ≡ 0 (mod 8), is computed by
-h, and an ascii password can be converted to a 64-bit key by
FIPS 46-3 — Data Encryption Standard (http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf)
FIPS 81 — DES Modes of Operation (http://www.itl.nist.gov/fipspubs/fip81.htm)
FIPS 113 — Computer Data Authentication (http://www.itl.nist.gov/fipspubs/fip113.htm)
CBCmodes, and in hashing and password generation which is based on
CBCmode, is done by adding a 1-bit followed by enough 0-bits to complete the final 64-bit block. Other implementations of
desmay pad differently, leading to differences in the final two blocks of an encrypted file.
desis simple to use, it requires considerable cryptographic sophistication to use effectively.
Your task is to write the
des program described above. When you are finished, you are welcome to read or run a suggested solution, or to post your own solution or discuss the exercise in the comments below.