| 2 |
- |
1 |
.TH DES 2
|
|
|
2 |
.SH NAME
|
|
|
3 |
setupDESstate, des_key_setup, block_cipher, desCBCencrypt, desCBCdecrypt, desECBencrypt, desECBdecrypt, des3CBCencrypt, des3CBCdecrypt, des3ECBencrypt, des3ECBdecrypt, key_setup, des56to64, des64to56, setupDES3state, triple_block_cipher - single and triple digital encryption standard
|
|
|
4 |
.SH SYNOPSIS
|
|
|
5 |
.B #include <u.h>
|
|
|
6 |
.br
|
|
|
7 |
.B #include <libc.h>
|
|
|
8 |
.br
|
|
|
9 |
.B #include <mp.h>
|
|
|
10 |
.br
|
|
|
11 |
.B #include <libsec.h>
|
|
|
12 |
.PP
|
|
|
13 |
.B
|
|
|
14 |
void des_key_setup(uchar key[8], ulong schedule[32])
|
|
|
15 |
.PP
|
|
|
16 |
.B
|
|
|
17 |
void block_cipher(ulong *schedule, uchar *data, int decrypting)
|
|
|
18 |
.PP
|
|
|
19 |
.B
|
|
|
20 |
void setupDESstate(DESstate *s, uchar key[8], uchar *ivec)
|
|
|
21 |
.PP
|
|
|
22 |
.B
|
|
|
23 |
void desCBCencrypt(uchar *p, int len, DESstate *s)
|
|
|
24 |
.PP
|
|
|
25 |
.B
|
|
|
26 |
void desCBCdecrypt(uchar *p, int len, DESstate *s)
|
|
|
27 |
.PP
|
|
|
28 |
.B
|
|
|
29 |
void desECBencrypt(uchar *p, int len, DESstate *s)
|
|
|
30 |
.PP
|
|
|
31 |
.B
|
|
|
32 |
void desECBdecrypt(uchar *p, int len, DESstate *s)
|
|
|
33 |
.PP
|
|
|
34 |
.in +0.5i
|
|
|
35 |
.ti -0.5i
|
|
|
36 |
.B
|
|
|
37 |
void triple_block_cipher(ulong expanded_key[3][32], uchar text[8], int ende)
|
|
|
38 |
.PP
|
|
|
39 |
.B
|
|
|
40 |
void setupDES3state(DES3state *s, uchar key[3][8], uchar *ivec)
|
|
|
41 |
.PP
|
|
|
42 |
.B
|
|
|
43 |
void des3CBCencrypt(uchar *p, int len, DES3state *s)
|
|
|
44 |
.PP
|
|
|
45 |
.B
|
|
|
46 |
void des3CBCdecrypt(uchar *p, int len, DES3state *s)
|
|
|
47 |
.PP
|
|
|
48 |
.B
|
|
|
49 |
void des3ECBencrypt(uchar *p, int len, DES3state *s)
|
|
|
50 |
.PP
|
|
|
51 |
.B
|
|
|
52 |
void des3ECBdecrypt(uchar *p, int len, DES3state *s)
|
|
|
53 |
.PP
|
|
|
54 |
.B
|
|
|
55 |
void key_setup(uchar[7], ulong[32])
|
|
|
56 |
.PP
|
|
|
57 |
.B
|
|
|
58 |
void des56to64(uchar *k56, uchar *k64)
|
|
|
59 |
.PP
|
|
|
60 |
.B
|
|
|
61 |
void des64to56(uchar *k64, uchar *k56)
|
|
|
62 |
.SH DESCRIPTION
|
|
|
63 |
The Digital Encryption Standard (DES)
|
|
|
64 |
is a shared-key or symmetric encryption algorithm using either
|
|
|
65 |
a 56-bit key for single DES or three 56-bit keys for triple DES.
|
|
|
66 |
The keys are encoded into 64 bits where every eight bit
|
|
|
67 |
is parity.
|
|
|
68 |
.PP
|
|
|
69 |
The basic DES function,
|
|
|
70 |
.IR block_cipher ,
|
|
|
71 |
works on a block of 8 bytes, converting them in place.
|
|
|
72 |
It takes a key schedule, a pointer to the block, and
|
|
|
73 |
a flag indicating encrypting (0) or decrypting (1).
|
|
|
74 |
The key schedule is created from the key using
|
|
|
75 |
.IR des_key_setup .
|
|
|
76 |
.PP
|
|
|
77 |
Since it is a bit awkward,
|
|
|
78 |
.I block_cipher
|
|
|
79 |
is rarely called directly. Instead, one normally uses
|
|
|
80 |
routines that encrypt larger buffers of data and
|
|
|
81 |
which may chain the encryption state from one buffer
|
|
|
82 |
to the next.
|
|
|
83 |
These routines keep track of the state of the
|
|
|
84 |
encryption using a
|
|
|
85 |
.B DESstate
|
|
|
86 |
structure that contains the key schedule and any chained
|
|
|
87 |
state.
|
|
|
88 |
.I SetupDESstate
|
|
|
89 |
sets up the
|
|
|
90 |
.B DESstate
|
|
|
91 |
structure using the key and an 8-byte initialization vector.
|
|
|
92 |
.PP
|
|
|
93 |
Electronic code book, using
|
|
|
94 |
.I desECBencrypt
|
|
|
95 |
and
|
|
|
96 |
.IR desECBdecrypt ,
|
|
|
97 |
is the less secure mode. The encryption of each 8 bytes
|
|
|
98 |
does not depend on the encryption of any other.
|
|
|
99 |
Hence the encryption is a substitution
|
|
|
100 |
cipher using 64 bit characters.
|
|
|
101 |
.PP
|
|
|
102 |
Cipher block chaining mode, using
|
|
|
103 |
.I desCBCencrypt
|
|
|
104 |
and
|
|
|
105 |
.IR desCBCdecrypt ,
|
|
|
106 |
is more secure. Every block encrypted depends on the initialization
|
|
|
107 |
vector and all blocks encrypted before it.
|
|
|
108 |
.PP
|
|
|
109 |
For both CBC and ECB modes, a stream of data can be encrypted as
|
|
|
110 |
multiple buffers. However, all buffers except the last must
|
|
|
111 |
be a multiple of 8 bytes to ensure successful decryption of
|
|
|
112 |
the stream.
|
|
|
113 |
.PP
|
|
|
114 |
There are equivalent triple-DES (DES3-EDE) functions for each of the
|
|
|
115 |
DES functions.
|
|
|
116 |
.PP
|
|
|
117 |
In the past, Plan 9 used a 56-bit or 7-byte
|
|
|
118 |
format for DES keys. To be compatible with the rest
|
|
|
119 |
of the world, we've abandoned this format.
|
|
|
120 |
There are two functions,
|
|
|
121 |
.I des56to64
|
|
|
122 |
and
|
|
|
123 |
.IR des64to56 ,
|
|
|
124 |
to convert back and forth between the two formats.
|
|
|
125 |
Also a key schedule can be set up from the 7-byte format using
|
|
|
126 |
.IR key_setup .
|
|
|
127 |
.SH SOURCE
|
|
|
128 |
.B /sys/src/libsec
|
|
|
129 |
.SH SEE ALSO
|
|
|
130 |
.IR mp (2),
|
|
|
131 |
.IR aes (2),
|
|
|
132 |
.IR blowfish (2),
|
|
|
133 |
.IR dsa (2),
|
|
|
134 |
.IR elgamal (2),
|
|
|
135 |
.IR rc4 (2),
|
|
|
136 |
.IR rsa (2),
|
|
|
137 |
.IR sechash (2),
|
|
|
138 |
.IR prime (2),
|
|
|
139 |
.IR rand (2)
|
|
|
140 |
.br
|
|
|
141 |
.IR "Breaking DES" ,
|
|
|
142 |
Electronic Frontier Foundation,
|
|
|
143 |
O'Reilly, 1998
|
|
|
144 |
.SH BUGS
|
|
|
145 |
Single DES can be realistically broken by brute-force;
|
|
|
146 |
its 56-bit key is just too short.
|
|
|
147 |
It should not be used in new code, which should probably use
|
|
|
148 |
.IR aes (2)
|
|
|
149 |
instead, or at least triple DES.
|