Data Encryption Standard: Part 4
September 10, 2010
We conclude our series of exercises on the Data Encryption Standard with this program that provides a convenient interface to the functions we have written:
NAME
des
— Data Encryption StandardUSAGE
des
-d
mode [-i
salt]-k
key [filename]
des
-d
mode [-i
salt]-1
key1-2
key2 [-3
key3] [filename]
des
-e
mode [-i
salt]-k
key [filename]
des
-e
mode [-i
salt]-1
key1-2
key2 [-3
key3] [filename]
des
-h
n-k
key [filename]
des
-p
passwordDESCRIPTION
Des
provides 64-bit block cryptography using the Data Encryption Standard, with-e
providing encryption and-d
providing decryption. Mode may beECB
for Electronic Code Book,CBC
for Cipher Block Chaining,CFB
for Cipher Feedback, orOFB
for Output Feedback. Salt (the initialization vector) should be specified forCBC
,CFB
andOFB
modes; if no salt is given, the first 64-bit block is taken as the salt. Regular DES is performed if a single key is given by-k
key, and Triple DES is performed if three keys are given; for Triple DES, the third key is optional, and defaults to key1 if not given. Keys and salt are specified by sixteen hexadecimal digits. Input may be specified by filename or on standard input, and output is written to standard output. An n-bit cryptographic hash, where 16 ≤ n ≤ 64 and n ≡ 0 (mod 8), is computed by-h
, and an ascii password can be converted to a 64-bit key by-p
.REFERENCES
FIPS 46-3 — Data Encryption Standard (http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf)
FIPS 81 — DES Modes of Operation (http://www.itl.nist.gov/fipspubs/fip81.htm)
FIPS 113 — Computer Data Authentication (http://www.itl.nist.gov/fipspubs/fip113.htm)
BUGS
Padding in
ECB
andCBC
modes, and in hashing and password generation which is based onCBC
mode, is done by adding a 1-bit followed by enough 0-bits to complete the final 64-bit block. Other implementations ofdes
may pad differently, leading to differences in the final two blocks of an encrypted file.Though
des
is simple to use, it requires considerable cryptographic sophistication to use effectively.
Your task is to write the des
program described above. When you are finished, you are welcome to read or run a suggested solution, or to post your own solution or discuss the exercise in the comments below.