First, des algorithm in 1973, the U.S. National Bureau of Standards, in addition to the Ministry of Defence of other departments of the computer system data encryption standards, on May 15, 1973 and August 27, 1974, two times to the public to solicit encryption algorithm announcements. The purpose of the cryptographic algorithm (commonly referred to as the DES cipher algorithm requirement) is the following four points: ☆ provide high quality data protection to prevent unauthorized disclosure of data and undetected modifications; ☆ has a considerable complexity, so that the cost of deciphering more than possible benefits, but also easy to understand and grasp; The security of the ☆des cryptosystem should not rely on the secrecy of the algorithm, but its security is based on the secrecy of encryption key, which is economical, effective and applicable to a variety of different applications. January 1977, the United States government issued: the adoption of IBM design of the scheme as the official data Encryption Standard (DES-Data encryption Standard). At present, with the start-up of the three gold project, especially the Gold Card project, des algorithm is widely used in Pos, ATM, magnetic card and smart card (IC cards), gas station, expressway toll station and so on to realize the secrecy of key data, such as the encryption transmission of the credit card holder's PIN. The DES algorithm is used in the two-way authentication between IC card and POS and the Mac check of financial transaction packet. The DES algorithm has three entry parameters: Key, Data, Mode. The key is 8 bytes A total of 64 bits, is the DES algorithm work key, data is also 8 byte 64 bits, is to be encrypted or decrypted, the mode for the work of DES, there are two kinds: encryption or decryption. Des algorithm is such a work: such as mode for encryption, the key to the data to encrypt, generate the password form data (64-bit) as the output of DES, such as mode for decryption, the key to the form of the password data decryption, Revert to the plaintext form of data (64-bit) as the result of des output. At both ends of the communication network, the two sides agreed to the key, at the source point of communication with key to the core data des encryption, and then in the form of a password in the public communications network (such as telephone network) transmission to the end of the communication network, the data arrived at the destination, with the same key to decrypt the password data, It reproduces the core data in the form of plaintext. This ensures the security and reliability of core data (such as pins, Macs, etc.) in the public communication network. By periodically switching to the new key at the source and destination of the communication network, it is possible to further improve the confidentiality of the data, which is now the prevalent practice of the financial Transactions network. The DES algorithm details the DES algorithm to the 64-bit plaintext input block into 64-bit ciphertext output block, it uses the key is also 64 bits, the entire algorithm's main flowchart is as follows: Its function is to put the input of 64-bit data block bitwise WEIGHTThe new combination, and the output into L0, R0 two parts, each part of each length of 32, its replacement rules see the following table: 58, 50,12,34,26,18,10,2,60,52,44,36,28,20,12,4,62,54,46,38,30,22,14,6,64,56,48,40,32,24,16,8,57,49,41,33,25,17, 9,1,59,51,43,35,27,19,11,3,61,53,45,37,29,21,13,5,63,55,47,39,31,23,15,7, the 58th bit will be entered into the first place, the 50th position to the 2nd, ..., etc., The last one is the original 7th place. L0, R0 is the output of two parts, L0 is the output of the left 32-bit, R0 is the right 32-bit, example: set to change before the input value of d1d2d3 ... D64, the result after the initial permutation is: L0=d58d50 ... D8;r0=d57d49 ... D7. After 16 iterations. The L16 and R16 are obtained, and the output of ciphertext is obtained by means of the input and inverse permutation. The inverse permutation is exactly the inverse of the initial operation, for example, the 1th bit after the initial permutation, in the 40th position, and through the inverse permutation, and the 40th bit back to the 1th bit, its inverse permutation rules as shown in the following table: 40, 8,48,16,56,24,64,32,39,7,47,15,55,23,63,31,38,6,46,14,54,22,62,30,37,5,45,13,53,21,61,29,36,4,44,12,52,20,60,28,35,3,43,1 1,51,19,59,27,34,2,42,10,50,18,58 26,33,1,41, 9,49,17,57,25, enlarged transposition table 32, 1, 2, 3, 4, 5, 4, 5, 6, 7, 8, 9, 8, 9, 10,11,12,13,12 , 13,14,15,16,17,16,17,18,19,20,21,20,21,22,23,24,25,24,25,26,27,28,29,28,29,30,31,32, 1, Simply transposition Table 16, 7,20,21,29,12,28,17, 1,15,23,26, 5,18,31,10,2,8,24,14,32,27, 3, 9,19,13,30, 6,22,11, 4, 25, in the F (ri,ki) algorithm description diagram, S1,S2 ... S8 is the function of selecting the 6bit data into 4bit data. Here is a functional table of the selection function Si (i=1,2......8): Select functionSiS1 : 14,4,13,1,2,15,11,8,3,10,6,12,5,9,0,7,0,15,7,4,14,2,13,1,10,6,12,11,9,5,3,8,4,1,14,8,13,6,2,11,15,12,9,7,3,10,5,0,15,12 , 8,2,4,9,1,7,5,11,3,14,10,0,6,13,S2 : 15,1,8,14,6,11,3,4,9,7,2,13,12,0,5,10,3,13,4,7,15,2,8,14,12,0,1,10,6,9,11,5,0,14,7,11,10,4,13,1,5,8,12,6,9,3,2,15,13,8,1 0,1,3,15,4,2,11,6,7,12,0,5,14,9,s3 : 10,0,9,14,6,3,15,5,1,13,12,7,11,4,2,8,13,7,0,9,3,4,6,10,2,8,5,14,12,11,15,1,13,6,4,9,8,15,3,0,11,1,2,12,5,10,14,7,1,10,1 3,0,6,9,8,7,4,15,14,3,11,5,2,12,s4 : 7,13,14,3,0,6,9,10,1,2,8,5,11,12,4,15,13,8,11,5,6,15,0,3,4,7,2,12,1,10,14,9,10,6,9,0,12,11,7,13,15,1,3,14,5,2,8,4,3,15,0 , 6,10,1,13,8,9,4,5,11,12,7,2,14,S5 : 2,12,4,1,7,10,11,6,8,5,3,15,13,0,14,9,14,11,2,12,4,7,13,1,5,0,15,10,3,9,8,6,4,2,1,11,10,13,7,8,15,9,12,5,6,3,0,14,11,8,1 2,7,1,14,2,13,6,15,0,9,10,4,5,3,s6 : 12,1,10,15,9,2,6,8,0,13,3,4,14,7,5,11,10,15,4,2,7,12,9,5,6,1,13,14,0,11,3,8,9,14,15,5,2,8,12,3,7,0,4,10,1,13,11,6,4,3,2 , 12,9,5,15,10,11,14,1,7,6,0,8,13,s7:4,11,2,14,15,0,8,13,3,12,9,7,5,10,6,1,13,0,11,7,4,9,1,10,14,3,5,12,2,15,8,6,1,4,11,13,12,3,7,14,10,15,6,8,0,5,9,2,6,11,13,8,1,4,10,7,9,5,0,15,14,2,3,12,s8 : 13,2,8,4,6,15,11,1,10,9,3,14,5,0,12,7,1,15,13,8,10,3,7,4,12,5,6,11,0,14,9,2,7,11,4,1,9,12,14,2,0,6,10,13,15,3,5,8,2,1,14 , 7,4,10,8,13,15,12,9,0,3,5,6,11, here to S1 as an example of its function, we can see: in S1, a total of 4 rows of data, named 0, 1, 2, 3 rows, each row has 16 columns, named 0, 1, 2, 3,......,14, 15 columns. The input is: D=D1D2D3D4D5D6 Order: Column =d2d3d4d5 row =d1d6 then in the S1 table to find the corresponding number, in 4-bit binary notation, this is the selection function S1 output. The generation algorithm for the Sub Key Ki (48bit) is given below from the generation algorithm description diagram of the subkey key Ki, we can see that the initial key value is 64 bits, but the DES algorithm stipulates that the 8th 、...... 64-bit is a parity bit and does not participate in the DES operation. The actual number of digits in the key can only be 56 digits. That is: After the transformation of the selected transposition table 1, the number of keys is changed from 64 bits to 56 bits. This 56-bit is divided into C0, D0 two parts, each 28-bit, and then the 1th cycle of the left shift, get C1, D1, C1 (28-bit), D1 (28-bit) merged to get 56, and then after the reduction of the selection of replacement 2 , and the key K0 (48-bit) is obtained. And so on, you can get K1, K2 、......、 K15, but it should be noted that the left shift corresponding to the 16-time cycle should be carried out according to the following rules: Loop left shift number 1, 1,2,2,2,2,2,2,1,2,2,2,2,2,2,1 the encryption process of DES algorithm is introduced. Des algorithm decryption process is the same, the difference is only in the first iteration with the sub key K15, the second K14 、......, the last time with K0, the algorithm itself does not change. Second, des algorithm theory diagram des algorithm is symmetrical, can be used for encryption and decryption. The following figure is the rough block diagram of its algorithm. Its specific operation process has the following seven steps. 498) this.width=498 ' OnMouseWheel = ' javascript:return big (This) ' height=844 src= '/files/uploadimg/20051207/1444420. gif"The application of width=696> des algorithm the DES algorithm has very high security, so far, besides using the exhaustive search method to attack the DES algorithm, no more effective methods have been found. And the 56-bit-long Key's poor-lift space is 256, this means that if the speed of a computer is to detect 1 million keys per second, it will take nearly 2,285 years to search the full secret key, which is difficult to achieve, of course, with the development of science and technology, when the super high-speed computer, We can consider increasing the length of the DES Key to achieve a higher degree of confidentiality. From the above des algorithm, we can see that the DES algorithm uses only 64 bits of 56 bits in the key, and the 8th, 16, 、...... The 64-bit 8-bit is not involved in the Des operation, which gives us an application requirement that DES Security is based on the addition of 8,16,24, ... 64-bit of the remaining 56-bit combinations change 256 to be guaranteed. Therefore, in practical applications, we should avoid the use of the 8,16,24, ... The 64-bit is a valid data bit, and the other 56 bits are used as the valid data bits to ensure the safe and reliable function of the DES algorithm. If this is not understood, the key key is 8,16,24, ... 64-bit as a valid data use, will not guarantee the security of DES encrypted data, the use of DES to achieve confidentiality of the system to produce data to be deciphered the risk, this is the DES algorithm in the application of the error, leaving a person to attack, be deciphered the great hidden dangers. To force (0 Votes) Tempted (0 Votes) nonsense (0 Votes) Professional (0 Votes) The title of the party (0 votes) passing (0 Votes) The original: Encryption algorithm des algorithm return to network security home
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.