Shulou(Shulou.com)06/01 Report--

DES encryption algorithm for symmetric encryption algorithm in one. Developed by IBM in the early 1970s, it was adopted by the National Bureau of Standards in 1977 as a data encryption standard, i.e. DES full name origin: Data Encryption Standard. Symmetric encryption algorithm is relative to asymmetric encryption algorithm. The difference between the two is that symmetric encryption uses the same key for encryption and decryption, while asymmetric encryption uses different keys for encryption and decryption, i.e., public and private keys. DES, 3DES and AES are symmetric encryption algorithms, while RSA and ECC are asymmetric encryption algorithms.

 

DES is to 64-bit plaintext as a unit to encrypt, more than 64 bits of data, according to the fixed size of 64-bit grouping, grouping has a lot of patterns, followed by a separate summary, temporarily introduced DES encryption algorithm. DES uses a key length of 64 bits, but since parity bits are set every 7 bits, the key length is actually 56 bits. Parity is the simplest error detection code, which detects errors based on whether the number of 1s in a set of binary codes is odd or even.

 

Feistel network

The basic structure of DES was designed by Horst Feistel of IBM, hence the name Feistel network. In Feistel networks, each step of encryption is called a round, and the 64-bit plaintext after initial permutation is encrypted for 16 rounds of Feistel rounds, and finally the final 64-bit ciphertext is formed after final permutation. The following is a diagram of the Feistel network:

 

The 64-bit plaintext is divided into left and right parts for processing. The right data and sub-key generate a bit sequence for encrypting the left data through a round function f, and the XOR operation with the left data. The operation result is output as the encrypted left side, and the right data is directly output as the right side.

The sub-key is the key used in this round of encryption, and different sub-keys are used every time Feistel. The calculation of the subkeys, as well as the details of the round function, are described later. Because a Feistel wheel does not encrypt the right side, it is necessary to reverse the left and right sides after the previous round of output, and repeat the process of Feistel wheel. DES algorithm performs 16 Feistel wheels in total, and the left and right sides do not need to be reversed after the last round of output.

 

DES encryption and decryption processes are consistent, using Feistel network implementation, the only difference is that decryption, ciphertext as input, and reverse the use of sub-keys.

The DES algorithm in the go standard library is implemented as follows:

func cryptBlock(subkeys []uint64, dst, src []byte, decrypt bool) { b := binary.BigEndian.Uint64(src) //initial substitution b = permuteInitialBlock(b) left, right := uint32(b>>32), uint32(b) var subkey uint64 //Total of 16 Feistel rounds for i := 0; i

< 16; i++ { //加密和解密使用子密钥顺序相反 if decrypt { subkey = subkeys[15-i] } else { subkey = subkeys[i] } //feistel轮函数 left, right = right, left^feistel(right, subkey) } //最后一轮无需对调 preOutput := (uint64(right) >

28)) rightRotations := ksRotate(uint32(permutedKey 4) //Generate subkeys for i := 0; i

< 16; i++ { //合并左右两部分，之后PC-2置换 pc2Input := uint64(leftRotations[i])42、sBoxLocations 42) & 0x3f sBoxLocations 4) //剩余第2、3、4、5位组成列号 column := (sBoxLocation >

> 1) & 0xf //feistelBox includes implementations of S-box and P-box substitutions sBoxResult ^= feistelBox[i][16*row+column] } return sBoxResult}var feistelBox [8][64]uint32//P box permutation func permuteBlock(src uint64, permutation []uint8) (block uint64) { for position, n := range permutation { bit := (src >> n) & 1 block |= bit encryption method, but used encryption-> decryption-> encryption method. When the triple keys are the same, the first two steps cancel each other, which is equivalent to only one encryption, so it can be compatible with ordinary DES encryption algorithm.

 

3DES decryption process, the reverse of encryption process, that is, the reverse order of the use of keys.

The following is a schematic diagram of triple DES:

The following is a diagram of 3DES compatible DES:

The implementation of the 3DES encryption algorithm in the go standard is as follows:

type tripleDESCipher struct { cipher1, cipher2, cipher3 desCipher}func NewTripleDESCipher(key []byte) (cipher.Block, error) { if len(key) != 24 { return nil, KeySizeError(len(key)) } c := new(tripleDESCipher) c.cipher1.generateSubkeys(key[:8]) c.cipher2.generateSubkeys(key[8:16]) c.cipher3.generateSubkeys(key[16:]) return c, nil}//3DES cipherfunc (c *tripleDESCipher) Encrypt(dst, src []byte) { c.cipher1.Encrypt(dst, src) c.cipher2.Decrypt(dst, dst) c.cipher3.Encrypt(dst, dst)}//3DES decryption func (c *tripleDESCipher) Decrypt(dst, src []byte) { c.cipher3.Decrypt(dst, src) c.cipher2.Encrypt(dst, dst) c.cipher1.Decrypt(dst, dst)}//code location src/crypto/des/cipher.go Postscript

Compared with DES, 3DES has higher security due to longer key length, but its processing speed is not high. Therefore, AES encryption algorithm appeared again, AES is faster and more secure than 3DES, which is summarized separately later.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.