DES(3) DES(3)
NAME
setupDESstate, des_key_setup, block_cipher, desCBCencrypt,
desCBCdecrypt, desECBencrypt, desECBdecrypt, des3CBCencrypt,
des3CBCdecrypt, des3ECBencrypt, des3ECBdecrypt, key_setup,
des56to64, des64to56, setupDES3state, triple_block_cipher,
- single and triple digital encryption standard
SYNOPSIS
#include <u.h>
#include <libc.h>
#include <mp.h>
#include <libsec.h>
void des_key_setup(uchar key[8], ulong schedule[32])
void block_cipher(ulong *schedule, uchar *data,
int decrypting)
void setupDESstate(DESstate *s, uchar key[8], uchar *ivec)
void desCBCencrypt(uchar*, int, DESstate*)
void desCBCdecrypt(uchar*, int, DESstate*)
void desECBencrypt(uchar*, int, DESstate*)
void desECBdecrypt(uchar*, int, DESstate*)
void triple_block_cipher(ulong keys[3][32], uchar*, int)
void setupDES3state(DES3state *s, uchar key[3][8],
uchar *ivec)
void des3CBCencrypt(uchar*, int, DES3state*)
void des3CBCdecrypt(uchar*, int, DES3state*)
void des3ECBencrypt(uchar*, int, DES3state*)
void des3ECBdecrypt(uchar*, int, DES3state*)
void key_setup(uchar[7], ulong[32])
void des56to64(uchar *k56, uchar *k64)
void des64to56(uchar *k64, uchar *k56)
DESCRIPTION
The Digital Encryption Standard (DES) is a shared key or
symmetric encryption using either a 56 bit key for single
DES(3) DES(3)
DES or three 56 bit keys for triple des. The keys are
encoded into 64 bits where every eight bit is parity.
The basic DES function, block_cipher, works on a block of 8
bytes, converting them in place. It takes a key schedule, a
pointer to the block, and a flag indicating encrypting (0)
or decrypting (1). The key schedule is created from the key
using des_key_setup.
Since it is a bit awkward, block_cipher is rarely called
directly. Instead, one normally uses routines that encrypt
larger buffers of data and which may chain the encryption
state from one buffer to the next. These routines keep
track of the state of the encryption using a DESstate struc-
ture that contains the key schedule and any chained state.
SetupDESstate sets up the DESstate structure using the key
and an 8 byte initialization vector.
Electronic code book, using desECBencrypt and desECBdecrypt,
is the less secure mode. The encryption of each 8 bytes
does not depend on the encryption of any other. Hence the
encryption is a substitution cipher using 64 bit characters.
Cipher block chaining mode, using desCBCencrypt and
desCBCdecrypt, is more secure. Every block encrypted
depends on the initialization vector and all blocks
encrypted before it.
For both CBC and ECB modes, a stream of data can be
encrypted as multiple buffers. However, all buffers except
the last must be a multiple of 8 bytes to ensure successful
decryption of the stream.
There are equivalent triple DES functions for each of the
DES functions.
In the past Plan 9 used a 56 bit or 7 byte format for DES
keys. To be compatible with the rest of the world, we've
abandoned this format. There are two functions: des56to64
and des64to56 to convert back and forth between the two for-
mats. Also a key schedule can be set up from the 7 byte
format using key_setup.
SOURCE
/src/libsec
SEE ALSO
mp(3), aes(3), blowfish(3), dsa(3), elgamal(3), rc4(3),
rsa(3), sechash(3), prime(3), rand(3)