Data Encryption Standard: Part 4
September 10, 2010
We conclude our series of exercises on the Data Encryption Standard with this program that provides a convenient interface to the functions we have written:
NAME
des— Data Encryption StandardUSAGE
des-dmode [-isalt]-kkey [filename]
des-dmode [-isalt]-1key1-2key2 [-3key3] [filename]
des-emode [-isalt]-kkey [filename]
des-emode [-isalt]-1key1-2key2 [-3key3] [filename]
des-hn-kkey [filename]
des-ppasswordDESCRIPTION
Desprovides 64-bit block cryptography using the Data Encryption Standard, with-eproviding encryption and-dproviding decryption. Mode may beECBfor Electronic Code Book,CBCfor Cipher Block Chaining,CFBfor Cipher Feedback, orOFBfor Output Feedback. Salt (the initialization vector) should be specified forCBC,CFBandOFBmodes; if no salt is given, the first 64-bit block is taken as the salt. Regular DES is performed if a single key is given by-kkey, and Triple DES is performed if three keys are given; for Triple DES, the third key is optional, and defaults to key1 if not given. Keys and salt are specified by sixteen hexadecimal digits. Input may be specified by filename or on standard input, and output is written to standard output. An n-bit cryptographic hash, where 16 ≤ n ≤ 64 and n ≡ 0 (mod 8), is computed by-h, and an ascii password can be converted to a 64-bit key by-p.REFERENCES
FIPS 46-3 — Data Encryption Standard (http://csrc.nist.gov/publications/fips/fips46-3/fips46-3.pdf)
FIPS 81 — DES Modes of Operation (http://www.itl.nist.gov/fipspubs/fip81.htm)
FIPS 113 — Computer Data Authentication (http://www.itl.nist.gov/fipspubs/fip113.htm)
BUGS
Padding in
ECBandCBCmodes, and in hashing and password generation which is based onCBCmode, is done by adding a 1-bit followed by enough 0-bits to complete the final 64-bit block. Other implementations ofdesmay pad differently, leading to differences in the final two blocks of an encrypted file.Though
desis simple to use, it requires considerable cryptographic sophistication to use effectively.
Your task is to write the des program described above. When you are finished, you are welcome to read or run a suggested solution, or to post your own solution or discuss the exercise in the comments below.
