DES
DES简介
数据加密标准(英语:Data Encryption Standard,缩写为DES)是⼀一种对称密钥加密分组密码算法,1976 年年被美国联邦政府的国家标准局确定为联邦资料处理标准(FIPS),随后在国际上广泛流传开来。DES 是⼀一种典型的分组加密⽅方案,分组长度为64 比特,密钥表面上是64 比特,然而只有其中的56 比特被实际用于算法,其余8 比特可以被用于奇偶校验,并在算法中被丢弃。因此,DES 的有效密钥长度仅为56比特。
算法原理
DES利用56比特串长度的密钥K来加密长度为64位的明文,得到长度为64位的
密文。加密算法分为三个阶段实现:
- 给定明文X,通过一个固定的初始置换IP排列X中的位,得到X0。
。其中L0由X0的前32位组成,R0由后32位组成。
- 计算函数F的16次迭代,根据下述规则计算
:
。其中Ki为48位子密钥。Ki可由56位密钥计算得出。
- 对
使用逆置换IP-1得到密文Y:
。
由于DES算法具有可逆性和对合性,因此DES的加密算法与解密算法可以共用同一结构。不同的是,解密算法的1~16轮的子密钥应为加密算法的16~1轮的子密钥(即倒序)。
下面对函数F以及子密钥的产生的原理进行阐述。
(1)函数F
函数F中首先对Ri-1进行了扩展置换E使之长度变为48位,然后与本轮的48位子密钥异或,作为8个S盒的输入。每个S盒以6位为输入,以4位为输出。S盒的2~7位为代替表的列数,1和8位组成的数作为代替表行数。8个S盒的输出重新组合为32位的数,进行P置换。置换后的结果与Li-1异或,即Ri。
(2)密钥编排算法
每轮的子密钥由密钥编排算法给出。64位的密钥经过置换选择1(PC-1)得到56位的密钥(8的整数倍位为奇偶校验位)。同时将这56位的密钥分为两部分(C0由前28位组成,D0由后28位组成)。每轮的子密钥都通过循环左移和置换选择2得到。假设第i-1轮有
,则第i轮的子密钥可表示为:
,其中M为循环左移,P为置换选择2。
算法流程
算法流程大致如下:
- 根据密钥编排算法由给定的64位密钥计算出16轮的子密钥
- 如果是加密,则按次序存入列表;如果是解密,按逆序存入列表
- 对明文进行初始置换IP,并将结果分为两部分L0R0
- for i from 0 to 16,进行以下循环:
- 对
进行逆初始置换IP-1,得到密文
算法的伪代码如下:
# DES主体函数
def DES(p, key, mode):
key_list = KeyCreater(key)
p = IP_Trans(p)
divide p into L and R
for i from 0 to 16:
L, R = R, L ^ Function(R,key)
merge R and L into p
p = IP_I_Trans(p)
return p
# 密钥生成函数
# PC_1, KeyMove, PC_2分别为置换选择1,循环左移,置换选择2
def KeyCreater(key, mode):
key = PC_1(key)
divide key into C and D
for i from 0 to 16:
C, D = KeyMove(C, D, i)
merge C and D into key
key = PC_2(key)
add key to list
if (mode == "decrypt"):
reverse list
return list
# F函数
# E_Trans, S_box, P_Trans分别为扩展置换E,S盒代替,P置换
def Function(R, key):
R = E_Trans(R)
s_in = R ^ key
s_out = S_box(s_in)
R = P_Trans(s_out)
# 置换函数和代换函数在此不做赘述函数调用关系大致如下图(该图由Understand分析代码结构得到):(int、range等六边形边框的函数为Python的内置函数,可忽略)
程序代码
import os
IP = [
58, 50, 42, 34, 26, 18, 10, 2,
60, 52, 44, 36, 28, 20, 12, 4,
62, 54, 46, 38, 30, 22, 14, 6,
64, 56, 48, 40, 32, 24, 16, 8,
57, 49, 41, 33, 25, 17, 9, 1,
59, 51, 43, 35, 27, 19, 11, 3,
61, 53, 45, 37, 29, 21, 13, 5,
63, 55, 47, 39, 31, 23, 15, 7
]
IP_I = [
40, 8, 48, 16, 56, 24, 64, 32,
39, 7, 47, 15, 55, 23, 63, 31,
38, 6, 46, 14, 54, 22, 62, 30,
37, 5, 45, 13, 53, 21, 61, 29,
36, 4, 44, 12, 52, 20, 60, 28,
35, 3, 43, 11, 51, 19, 59, 27,
34, 2, 42, 10, 50, 18, 58, 26,
33, 1, 41, 9, 49, 17, 57, 25
]
S_BOX = [
[
[14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7],
[0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8],
[4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0],
[15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13]
],
[
[15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10],
[3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5],
[0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15],
[13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9]
],
[
[10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8],
[13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1],
[13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7],
[1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12]
],
[
[7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15],
[13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9],
[10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4],
[3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14]
],
[
[2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9],
[14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6],
[4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14],
[11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3]
],
[
[12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11],
[10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8],
[9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6],
[4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13]
],
[
[4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1],
[13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6],
[1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2],
[6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12]
],
[
[13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7],
[1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2],
[7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8],
[2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11]
]
]
E_TRANS = [
32, 1, 2, 3, 4, 5,
4, 5, 6, 7, 8, 9,
8, 9, 10, 11, 12, 13,
12, 13, 14, 15, 16, 17,
16, 17, 18, 19, 20, 21,
20, 21, 22, 23, 24, 25,
24, 25, 26, 27, 28, 29,
28, 29, 30, 31, 32, 1
]
P_TRANS = [
16, 7, 20, 21, 29, 12, 28, 17,
1, 15, 23, 26, 5, 18, 31, 10,
2, 8, 24, 14, 32, 27, 3, 9,
19, 13, 30, 6, 22, 11, 4, 25
]
KEY_MOVE = [1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1]
KEY_TRANS_1 = [
57, 49, 41, 33, 25, 17, 9,
1, 58, 50, 42, 34, 26, 18,
10, 2, 59, 51, 43, 35, 27,
19, 11, 3, 60, 52, 44, 36,
63, 55, 47, 39, 31, 23, 15,
7, 62, 54, 46, 38, 30, 22,
14, 6, 61, 53, 45, 37, 29,
21, 13, 5, 28, 20, 12, 4,
]
KEY_TRANS_2 = [
14, 17, 11, 24, 1, 5, 3, 28,
15, 6, 21, 10, 23, 19, 12, 4,
26, 8, 16, 7, 27, 20, 13, 2,
41, 52, 31, 37, 47, 55, 30, 40,
51, 45, 33, 48, 44, 49, 39, 56,
34, 53, 46, 42, 50, 36, 29, 32
]
def DES(p, key, mode):
p_IP, p_IP_I = 0, 0
# e_trans
p_IP = IP_Trans(p)
print("IP(p): " + hex(p_IP))
# divide p into L and R
L, R = p_IP >> 32, p_IP & (int("0xffffffff", 16))
print("L0: " + hex(L))
print("R0: " + hex(R))
# create key_list
key_list = Key_Creater(key, mode)[:]
# feistel strcture
for i in range(16):
L, R = R, Function(R, key_list[i]) ^ L
print("Round {}: L={}, R={}".format(
i + 1,
hex(L).replace("0x", "").zfill(8),
hex(R).replace("0x", "").zfill(8)))
p = (R << 32) + L
p_IP_I = IP_I_Trans(p)
print("IP_I(p): ", hex(p_IP_I).zfill(16))
return hex(p_IP_I).replace("0x", "").zfill(16)
def Key_Creater(key, mode):
key_list, key_in = [], 0
key_in = PC_1(key)
# divide key_in into C and D
C, D = key_in >> 28, key_in & (int("0xfffffff", 16))
for i in range(16):
# left move
C, D = KeyMove(C, D, i)
key, key_out = (C << 28) + D, 0
# key_trans_2
key_out = PC_2(key)
key_list.append(key_out)
if mode == 2:
key_list.reverse()
return key_list
def IP_Trans(p):
p_IP = 0
# e_trans
for i in range(64):
p_IP <<= 1
if p & (1 << (64 - IP[i])) != 0:
p_IP += 1
return p_IP
def IP_I_Trans(p):
p_IP_I = 0
for i in range(64):
p_IP_I <<= 1
if p & (1 << (64 - IP_I[i])) != 0:
p_IP_I += 1
return p_IP_I
def E_Trans(R):
R_E = 0
# e_trans
for i in range(48):
R_E <<= 1
if R & (1 << (32 - E_TRANS[i])) != 0:
R_E += 1
return R_E
def P_Trans(s_out):
R_P = 0
for i in range(32):
R_P <<= 1
if s_out & (1 << (32 - P_TRANS[i])) != 0:
R_P += 1
return R_P
def S_box(s_in):
extract, s_out = int("0b111111", 2), 0
# s_box
for i in range(8):
s_out <<= 4
# get 6 bits input
s = (s_in >> ((7 - i) * 6)) & extract
# select is used to determine which list will be chose
select = ((s >> 5) << 1) + (s & 1)
index = (s & int("0b011110", 2)) >> 1
s_out += S_BOX[i][select][index]
return s_out
def PC_1(key):
key_in = 0
# key_trans_1
for i in range(56):
key_in <<= 1
if key & (1 << (64 - KEY_TRANS_1[i])) != 0:
key_in += 1
return key_in
def PC_2(key):
key_out = 0
for k in range(48):
key_out <<= 1
if key & (1 << (56 - KEY_TRANS_2[k])) != 0:
key_out += 1
return key_out
def KeyMove(C, D, i):
for j in range(KEY_MOVE[i]):
C = ((C << 1) & int("0xfffffff", 16)) + (C >> 27)
D = ((D << 1) & int("0xfffffff", 16)) + (D >> 27)
return C, D
def Function(R, key):
R_E, R_P = 0, 0
# e_trans
R_E = E_Trans(R)
# s_in is a 48-bit input, extract is used to divide s_in into 8 4-bit pieces
s_in, extract, s_out = R_E ^ key, int("0b111111", 2), 0
# s_box
s_out = S_box(s_in)
# p_trans
R_P = P_Trans(s_out)
return R_P
if __name__ == "__main__":
mode = int(input("mode: [1]crypt [2]decrypt "))
p = int(input("input text: "), 16)
key = int(input("input key: "), 16)
print("\nciphertext is: " + DES(p, key, mode))
os.system("pause")
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
