DES algorithm details and source code

Source: Internet
Author: User

There are many introductions on the DES algorithm on the Internet, with the same general idea. However, the handling of many details is not clear, and the source code quality is also uneven. For this reason, I have spent a lot of time studying it. Now I have sorted out the complete ideas and source code as follows.

 

1. DES algorithm introduction:

  

The DES algorithm is also known as the American Data Encryption Standard. It is a symmetric encryption algorithm developed by IBM in 1972. Plaintext is grouped by 64-bit. The key length is 64-bit. The key is actually 56-bit involved in des operations (8th, 16, 24, 32, 40, 48, 56, and 64-bit are checkbit, so that each key has an odd number. 1) the plaintext group after the group and the 56-bit key substitute or exchange by bit form the encryption method of the ciphertext group.

 

2. Des steps:

1. First enter an 8-byte key M8. Converts an 8-byte key into a 64-bit binary M64. Among them, the 8, 16, 24, 32, 40, 48, 56, 64 bits are the check bit, so that each key has an odd number of 1. Therefore, the key is actually 56 bits, and 64 bits can be stored first, which can be deducted from pC1 replacement in the next step.

Pay attention to the high and low bit issues here: for example, 'L''s ASCII value is 75 and is converted to binary value '123'. Here, the binary value ranges from left to right from high to low. During key conversion, from low to high storage

For example, if the ASCII value of 'L' is 75 and the binary value is '123', convert it to Char A = {01001011,} in the array };

The source code on the Internet has different processing methods. This method can obtain the correct resolution result.

2. Replace 64-bit M64 with pC1 and convert it to 56-bit (excluding the parity bit ).

Place the 56-bit keys in the following table.

57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36,
63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22, 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4,

The table means 57th to 1st, 49th to 2nd, and so on.

3. The 56-Bit Data M56 is obtained after the transformation, which is divided into two parts: C [0] [28], d [0] [28].

4. Calculate 16 sub-Keys. Calculation method C [I] [28] d [I] [28] for the previous C [I-1] [28], d [I-1] [28] circular left shift operation. The following table lists the 16 left-shifted digits:

1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 1 (left shift digits)

In the 16 cycles here, after each cycle is left shifted, C [I] [28] And d [I] [28] are combined into 56 digits, perform a PC2 replacement for these 56 bits to obtain the 48-bit sub key [I] [48]. After 16 cycles, there will be 16 sub-Keys. The PC2 transformation is as follows:

14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10, 23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2,
41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48, 44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32,

The table means 14th to 1st, 17th to 2nd, and so on. During this process, the 9,18, 22,25, 35,38, 43,54 bits are discarded.

**************************************** *****************************

5. After the sub-key is obtained, the plaintext is encrypted and decrypted. the encryption and decryption operations are symmetric. Therefore, the encryption operation is described as follows:

6. The input plaintext must contain 8 bytes. If the input plaintext does not contain 8 bytes, it is extended to 8 bytes (add 0 or fill '\ 0 ').

7. convert 8-byte plaintext into 64-bit binary.

8. The 64-bit plaintext input is transformed. The transposition table is as follows:

58, 50, 12, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4,
62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8,
57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3,
61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7

The table means that during the first transformation, 58th is shifted to 1st bits, and 50th is shifted to 2nd bits. Obtain 64-bit data [64].

9. The next step is to go to the cyclic processing stage, where a total of 16 loops are performed. The following operations are performed for each loop:

For (INT I = 0; I <16; I ++)

{

10. Divide the 64-bit data [64] into two L [I] [32], R [I] [32].

11. Extend the R [I] [32] to 48 digits. The method is as follows, and it is recorded as E (R [I] [32]).

32, 1, 2, 3, 4, 5,
4, 5, 6, 7, 8, 9,
8, 9, 10, 11, 12, 13,
12, 13, 14, 15, 16, 17,
16, 17, 18, 19, 20, 21,
20, 21, 22, 23, 24, 25,
24, 25, 26, 27, 28, 29,
28, 29, 30, 31, 32, 1,

12. perform an exclusive or operation between E (R [I] [32]) and sub [I] [48] (sub-keys obtained by key processing, see step 4, obtain 48 bits [48].

13. Divide the 48-digit sequence into 8 parts, 6 parts, and B [48]-> B [8] [6].

14. Use the 8 S box to replace the 8 parts of B [8] [6]. The steps are as follows:

A) extract the 1st bits and 6th bits of B [J] [6] and connect them to a 2-bit binary number M. The value range is (0-3 ), convert to decimal number as the row mark of the j s box

For example, if B [0] Is '123', the first digit 0 and the sixth digit 1 are taken, and the 01,01 is converted to 1 in decimal format, therefore, m represents 0th rows in the 2nd S box (the array subscript starts from 0)

B) extract the 2nd, 3, 4, and 5 bits of B [J] [6] into a four-digit binary number N in the range of (0-15 ), convert to a decimal number and use it as the column mark of the j s box

For example, if B [0] Is '000000', '000000' is taken and converted to 9 in decimal format, therefore, N represents the 0th columns in the 10th S box (array subscript starts from 0)

C) with the row mark and list, enter the j s box to find the corresponding number.

In the following example, the tenth column in the second row of The 0th S box is used to obtain the number: 6.

D) convert the obtained number to binary and replace the first four digits in the 48-bit B.

In the following example, 6 is converted to 0110 in binary format, so that the first four bits of B are 0110, And the loop continues from 5th bits.

E) after eight cycles, four bits are replaced each time, and the first 32 bits of B are the newly obtained encrypted data B [32].

15. perform the following Transformation on B [32] to obtain B '[32]:

16,7, 20,21, 29,12, 28,17,
, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11,

16. B '[32] and L [I] [32] perform an exclusive or operation to overwrite the left half of data [64]. If I! = 15, the Left and Right Parts of data [64] are exchanged (that is, the result of an exclusive or operation is the right side of the next loop, and the right side is the left side of the next calculation result ). If I = 15, no exchange is performed.

}

17. After the loop is completed, perform an inverse initial replacement for 16 processed data [64]. This is the inverse transformation of step 1.

40, 8, 48, 16, 56, 24, 64, 32,
39, 7, 47, 15, 55, 23, 63, 31,
38, 6, 46, 14, 54, 22, 62, 30,
37, 5, 45, 13, 53, 21, 61, 29,
36, 4, 44, 12, 52, 20, 60, 28,
35, 3, 43, 11, 51, 19, 59, 27,
34, 2, 42, 10, 50, 18, 58, 26,
33, 1, 41, 9, 49, 17, 57, 25

In this way, the final ciphertext of quq ~ is obtained ~

 

The decryption process is the same as the encryption process. The difference is that the sub-keys are in different or different order. The encryption process from 0 to 15 is paired with the sub-Keys, during decryption, the password is exclusive to or from the sub-key 15-0.

  

For the source code, see the link:

Http://pan.baidu.com/s/1c0D1RAo

 

5.1.cpp is the conversion between the char character and the 8-bit binary char.

 

5.2 & 5.3.cpp is the DES encryption program. The output process is as follows:

A. The key corresponds to the 64-bit key (output in 8x8 format, which is converted using the function in 5.1 );

B. After selecting 1 after replacement, the corresponding bits of C0 (28 BITs) and D0 (28 BITs) are output respectively;

C. output the 48-bit bits corresponding to the Child key K5 generated for 5th iterations;

D. 64-bit binary sequence corresponding to the original text;

E. 64-bit sequence after the initial replacement of the IP address, get a new 64-bit;

F. The product transformation requires 16 iterations. The output is the 64-bit after 5 iterations;

G. output the 64-bit after the product transformation (16 iterations) is completed;

H. output the 64-bit encrypted ciphertext;

 

5.4.cpp is a program that decrypts a specified ciphertext.

 

. It includes the extension when the characters are insufficient. After adding this file to vs, you must create the three TXT resource files mentioned above.

 

Desc version. cpp is implemented in C language of DES, which is efficient and well written. Don't look at my face quq from the Information Security Professional.

 

In earlier versions of Vs, int declaration is not allowed in the for loop. You can manually change the int variable to start with the function.

If you have time, add the 3DES algorithm ··

 

DES algorithm details and source code

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.