First, the data complement
Des data encryption is the data according to 8 bytes of Des encrypted or decrypted to obtain a 8-byte cipher or clear text, the last paragraph less than 8 bytes, in accordance with the need to make up 8 bytes (usually 00 or FF, according to the actual requirements of different) to calculate, The calculated data is then connected in order.
Here is the question of why the data complement. The main reason is that the DES algorithm is required to decrypt the data must be 8 bytes.
Second, ECB model
DES ECB (E-book method) is actually very simple, that is, the data in accordance with 8 bytes of DES encryption or decryption to obtain a paragraph of 8 bytes of ciphertext or clear text, the last paragraph of less than 8 bytes, in accordance with the requirements of 8 bytes to make the calculation, and then in order to the calculated data linked together, Each segment of data does not affect each other.
Three, CBC mode
DES CBC (ciphertext block link) is a bit cumbersome, and its implementation mechanism makes the encrypted data in a relationship. Its implementation mechanism is as follows:
The encryption steps are as follows:
1 First, the data in accordance with a group of 8 bytes to get d1d2 ... Dn (if the data is not 8 integer times, with the specified padding data complement)
2 The first group of data D1 and initialization vector I or after the results of DES encryption to obtain the first group of ciphertext C1 (initialization vector i is all 0)
3 The second group of data D2 and the first group of encryption results C1 or later results des encryption, get the second group of ciphertext C2
4) After the data and so on, get CN
5) in order connected to c1c2c3 ... CN is the result of encryption.
Decryption is an inverse process of encryption, as follows:
1 First, the data in accordance with a group of 8 bytes to get c1c2c3 ... Cn
2 after the first set of data decrypted with the initialization vector I to the different or get the first set of clear D1 (note: Must be decrypted before the different or)
3 The second group of data C2 after the decryption and the first group of ciphertext data to be different or get the second group of data D2
4) and so on, get the DN
5) in order connected to d1d2d3 ... The DN is the decryption result.
Note here that the results of decryption is not necessarily our original encrypted data, may also contain your fill bit, you must remove the complement is your original data.
Four, 3DES algorithm
3DES algorithm as the name implies is 3 des algorithm, the principle of the algorithm is as follows:
Set Ek () and DK () to represent the encryption and decryption process of the DES algorithm, K represents the key used by the DES algorithm, p represents the plaintext, and C represents the secret table, so
The 3DES encryption process is: C=ek3 (Dk2 (EK1 (P)))
3DES decryption process is: P=dk1 ((EK2 (DK3 (C)))
This can be k1=k3, but not K1=K2=K3 (if the same is the DES algorithm)
3DES with 2 diffrent keys (K1=K3), can be 3DES-CBC, or 3des-ecb,3des-cbc the flow of the entire algorithm and DES-CBC the same, but in the original encryption or decryption in addition to the different or operation of the steps, the use of The key is a 16-byte-length key that divides the key into two parts, 8-byte and right 8-byte, that is, k1= left 8 bytes, k2= right 8 bytes, and then encrypt and decrypt operations.
The
3DES with 3 different keys is exactly the same as the 3DES-CBC process, only uses a key that is 24 bytes , but the key is different for each encryption decryption encryption. The key that divides the key into 3-paragraph 8-byte keys is key 1, key 2, key 3, encryption and decryption in 3DES encryption in order to encrypt and decrypt the key 1, key 2, key 3, in the 3DES decryption decryption encryption and decryption use Key 3, key 2, key 1.