| <html lang="en"> |
| <head> |
| <title>DES Encryption - The GNU C Library</title> |
| <meta http-equiv="Content-Type" content="text/html"> |
| <meta name="description" content="The GNU C Library"> |
| <meta name="generator" content="makeinfo 4.13"> |
| <link title="Top" rel="start" href="index.html#Top"> |
| <link rel="up" href="Cryptographic-Functions.html#Cryptographic-Functions" title="Cryptographic Functions"> |
| <link rel="prev" href="crypt.html#crypt" title="crypt"> |
| <link href="http://www.gnu.org/software/texinfo/" rel="generator-home" title="Texinfo Homepage"> |
| <!-- |
| This file documents the GNU C library. |
| |
| This is Edition 0.12, last updated 2007-10-27, |
| of `The GNU C Library Reference Manual', for version |
| 2.8 (Sourcery G++ Lite 2011.03-41). |
| |
| Copyright (C) 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2001, 2002, |
| 2003, 2007, 2008, 2010 Free Software Foundation, Inc. |
| |
| Permission is granted to copy, distribute and/or modify this document |
| under the terms of the GNU Free Documentation License, Version 1.3 or |
| any later version published by the Free Software Foundation; with the |
| Invariant Sections being ``Free Software Needs Free Documentation'' |
| and ``GNU Lesser General Public License'', the Front-Cover texts being |
| ``A GNU Manual'', and with the Back-Cover Texts as in (a) below. A |
| copy of the license is included in the section entitled "GNU Free |
| Documentation License". |
| |
| (a) The FSF's Back-Cover Text is: ``You have the freedom to |
| copy and modify this GNU manual. Buying copies from the FSF |
| supports it in developing GNU and promoting software freedom.''--> |
| <meta http-equiv="Content-Style-Type" content="text/css"> |
| <style type="text/css"><!-- |
| pre.display { font-family:inherit } |
| pre.format { font-family:inherit } |
| pre.smalldisplay { font-family:inherit; font-size:smaller } |
| pre.smallformat { font-family:inherit; font-size:smaller } |
| pre.smallexample { font-size:smaller } |
| pre.smalllisp { font-size:smaller } |
| span.sc { font-variant:small-caps } |
| span.roman { font-family:serif; font-weight:normal; } |
| span.sansserif { font-family:sans-serif; font-weight:normal; } |
| --></style> |
| <link rel="stylesheet" type="text/css" href="../cs.css"> |
| </head> |
| <body> |
| <div class="node"> |
| <a name="DES-Encryption"></a> |
| <p> |
| Previous: <a rel="previous" accesskey="p" href="crypt.html#crypt">crypt</a>, |
| Up: <a rel="up" accesskey="u" href="Cryptographic-Functions.html#Cryptographic-Functions">Cryptographic Functions</a> |
| <hr> |
| </div> |
| |
| <h3 class="section">32.4 DES Encryption</h3> |
| |
| <p>The Data Encryption Standard is described in the US Government Federal |
| Information Processing Standards (FIPS) 46-3 published by the National |
| Institute of Standards and Technology. The DES has been very thoroughly |
| analyzed since it was developed in the late 1970s, and no new |
| significant flaws have been found. |
| |
| <p>However, the DES uses only a 56-bit key (plus 8 parity bits), and a |
| machine has been built in 1998 which can search through all possible |
| keys in about 6 days, which cost about US$200000; faster searches would |
| be possible with more money. This makes simple DES insecure for most |
| purposes, and NIST no longer permits new US government systems |
| to use simple DES. |
| |
| <p>For serious encryption functionality, it is recommended that one of the |
| many free encryption libraries be used instead of these routines. |
| |
| <p>The DES is a reversible operation which takes a 64-bit block and a |
| 64-bit key, and produces another 64-bit block. Usually the bits are |
| numbered so that the most-significant bit, the first bit, of each block |
| is numbered 1. |
| |
| <p>Under that numbering, every 8th bit of the key (the 8th, 16th, and so |
| on) is not used by the encryption algorithm itself. But the key must |
| have odd parity; that is, out of bits 1 through 8, and 9 through 16, and |
| so on, there must be an odd number of `1' bits, and this completely |
| specifies the unused bits. |
| |
| <!-- crypt.h --> |
| <!-- BSD, SVID --> |
| <div class="defun"> |
| — Function: void <b>setkey</b> (<var>const char *key</var>)<var><a name="index-setkey-3679"></a></var><br> |
| <blockquote> |
| <p>The <code>setkey</code> function sets an internal data structure to be an |
| expanded form of <var>key</var>. <var>key</var> is specified as an array of 64 |
| bits each stored in a <code>char</code>, the first bit is <code>key[0]</code> and |
| the 64th bit is <code>key[63]</code>. The <var>key</var> should have the correct |
| parity. |
| </p></blockquote></div> |
| |
| <!-- crypt.h --> |
| <!-- BSD, SVID --> |
| <div class="defun"> |
| — Function: void <b>encrypt</b> (<var>char *block, int edflag</var>)<var><a name="index-encrypt-3680"></a></var><br> |
| <blockquote> |
| <p>The <code>encrypt</code> function encrypts <var>block</var> if |
| <var>edflag</var> is 0, otherwise it decrypts <var>block</var>, using a key |
| previously set by <code>setkey</code>. The result is |
| placed in <var>block</var>. |
| |
| <p>Like <code>setkey</code>, <var>block</var> is specified as an array of 64 bits each |
| stored in a <code>char</code>, but there are no parity bits in <var>block</var>. |
| </p></blockquote></div> |
| |
| <!-- crypt.h --> |
| <!-- GNU --> |
| <div class="defun"> |
| — Function: void <b>setkey_r</b> (<var>const char *key, struct crypt_data * data</var>)<var><a name="index-setkey_005fr-3681"></a></var><br> |
| <blockquote><!-- crypt.h --> |
| <!-- GNU --> |
| — Function: void <b>encrypt_r</b> (<var>char *block, int edflag, struct crypt_data * data</var>)<var><a name="index-encrypt_005fr-3682"></a></var><br> |
| <blockquote> |
| <p>These are reentrant versions of <code>setkey</code> and <code>encrypt</code>. The |
| only difference is the extra parameter, which stores the expanded |
| version of <var>key</var>. Before calling <code>setkey_r</code> the first time, |
| <code>data->initialized</code> must be cleared to zero. |
| </p></blockquote></div> |
| |
| <p>The <code>setkey_r</code> and <code>encrypt_r</code> functions are GNU extensions. |
| <code>setkey</code>, <code>encrypt</code>, <code>setkey_r</code>, and <code>encrypt_r</code> are |
| defined in <samp><span class="file">crypt.h</span></samp>. |
| |
| <!-- rpc/des_crypt.h --> |
| <!-- SUNRPC --> |
| <div class="defun"> |
| — Function: int <b>ecb_crypt</b> (<var>char *key, char *blocks, unsigned len, unsigned mode</var>)<var><a name="index-ecb_005fcrypt-3683"></a></var><br> |
| <blockquote> |
| <p>The function <code>ecb_crypt</code> encrypts or decrypts one or more blocks |
| using DES. Each block is encrypted independently. |
| |
| <p>The <var>blocks</var> and the <var>key</var> are stored packed in 8-bit bytes, so |
| that the first bit of the key is the most-significant bit of |
| <code>key[0]</code> and the 63rd bit of the key is stored as the |
| least-significant bit of <code>key[7]</code>. The <var>key</var> should have the |
| correct parity. |
| |
| <p><var>len</var> is the number of bytes in <var>blocks</var>. It should be a |
| multiple of 8 (so that there is a whole number of blocks to encrypt). |
| <var>len</var> is limited to a maximum of <code>DES_MAXDATA</code> bytes. |
| |
| <p>The result of the encryption replaces the input in <var>blocks</var>. |
| |
| <p>The <var>mode</var> parameter is the bitwise OR of two of the following: |
| |
| <dl> |
| <!-- rpc/des_crypt.h --> |
| <!-- SUNRPC --> |
| <dt><code>DES_ENCRYPT</code><a name="index-DES_005fENCRYPT-3684"></a><dd>This constant, used in the <var>mode</var> parameter, specifies that |
| <var>blocks</var> is to be encrypted. |
| |
| <!-- rpc/des_crypt.h --> |
| <!-- SUNRPC --> |
| <br><dt><code>DES_DECRYPT</code><a name="index-DES_005fDECRYPT-3685"></a><dd>This constant, used in the <var>mode</var> parameter, specifies that |
| <var>blocks</var> is to be decrypted. |
| |
| <!-- rpc/des_crypt.h --> |
| <!-- SUNRPC --> |
| <br><dt><code>DES_HW</code><a name="index-DES_005fHW-3686"></a><dd>This constant, used in the <var>mode</var> parameter, asks to use a hardware |
| device. If no hardware device is available, encryption happens anyway, |
| but in software. |
| |
| <!-- rpc/des_crypt.h --> |
| <!-- SUNRPC --> |
| <br><dt><code>DES_SW</code><a name="index-DES_005fSW-3687"></a><dd>This constant, used in the <var>mode</var> parameter, specifies that no |
| hardware device is to be used. |
| </dl> |
| |
| <p>The result of the function will be one of these values: |
| |
| <dl> |
| <!-- rpc/des_crypt.h --> |
| <!-- SUNRPC --> |
| <dt><code>DESERR_NONE</code><a name="index-DESERR_005fNONE-3688"></a><dd>The encryption succeeded. |
| |
| <!-- rpc/des_crypt.h --> |
| <!-- SUNRPC --> |
| <br><dt><code>DESERR_NOHWDEVICE</code><a name="index-DESERR_005fNOHWDEVICE-3689"></a><dd>The encryption succeeded, but there was no hardware device available. |
| |
| <!-- rpc/des_crypt.h --> |
| <!-- SUNRPC --> |
| <br><dt><code>DESERR_HWERROR</code><a name="index-DESERR_005fHWERROR-3690"></a><dd>The encryption failed because of a hardware problem. |
| |
| <!-- rpc/des_crypt.h --> |
| <!-- SUNRPC --> |
| <br><dt><code>DESERR_BADPARAM</code><a name="index-DESERR_005fBADPARAM-3691"></a><dd>The encryption failed because of a bad parameter, for instance <var>len</var> |
| is not a multiple of 8 or <var>len</var> is larger than <code>DES_MAXDATA</code>. |
| </dl> |
| </p></blockquote></div> |
| |
| <!-- rpc/des_crypt.h --> |
| <!-- SUNRPC --> |
| <div class="defun"> |
| — Function: int <b>DES_FAILED</b> (<var>int err</var>)<var><a name="index-DES_005fFAILED-3692"></a></var><br> |
| <blockquote><p>This macro returns 1 if <var>err</var> is a `success' result code from |
| <code>ecb_crypt</code> or <code>cbc_crypt</code>, and 0 otherwise. |
| </p></blockquote></div> |
| |
| <!-- rpc/des_crypt.h --> |
| <!-- SUNRPC --> |
| <div class="defun"> |
| — Function: int <b>cbc_crypt</b> (<var>char *key, char *blocks, unsigned len, unsigned mode, char *ivec</var>)<var><a name="index-cbc_005fcrypt-3693"></a></var><br> |
| <blockquote> |
| <p>The function <code>cbc_crypt</code> encrypts or decrypts one or more blocks |
| using DES in Cipher Block Chaining mode. |
| |
| <p>For encryption in CBC mode, each block is exclusive-ored with <var>ivec</var> |
| before being encrypted, then <var>ivec</var> is replaced with the result of |
| the encryption, then the next block is processed. Decryption is the |
| reverse of this process. |
| |
| <p>This has the advantage that blocks which are the same before being |
| encrypted are very unlikely to be the same after being encrypted, making |
| it much harder to detect patterns in the data. |
| |
| <p>Usually, <var>ivec</var> is set to 8 random bytes before encryption starts. |
| Then the 8 random bytes are transmitted along with the encrypted data |
| (without themselves being encrypted), and passed back in as <var>ivec</var> |
| for decryption. Another possibility is to set <var>ivec</var> to 8 zeroes |
| initially, and have the first the block encrypted consist of 8 random |
| bytes. |
| |
| <p>Otherwise, all the parameters are similar to those for <code>ecb_crypt</code>. |
| </p></blockquote></div> |
| |
| <!-- rpc/des_crypt.h --> |
| <!-- SUNRPC --> |
| <div class="defun"> |
| — Function: void <b>des_setparity</b> (<var>char *key</var>)<var><a name="index-des_005fsetparity-3694"></a></var><br> |
| <blockquote> |
| <p>The function <code>des_setparity</code> changes the 64-bit <var>key</var>, stored |
| packed in 8-bit bytes, to have odd parity by altering the low bits of |
| each byte. |
| </p></blockquote></div> |
| |
| <p>The <code>ecb_crypt</code>, <code>cbc_crypt</code>, and <code>des_setparity</code> |
| functions and their accompanying macros are all defined in the header |
| <samp><span class="file">rpc/des_crypt.h</span></samp>. |
| |
| </body></html> |
| |