数据加密标准
我们被要求编写 DES 算法(用于加密和解密)的 Java 实现。我有几个问题:
DES 指定应该有 64 位的纯文本或密文以及一个 56 位的共享密钥。给出字节数的方法是什么,
该算法使用了大量位级操作,例如将 64 位拆分为两个 32 位部分。如何做到这一点?
We were asked to write a Java implementation of the DES algorithm (which is used for encryption and decryption). I had a couple of questions:
DES specifies that there should be 64 bits of plain text or cipher text and an exactly 56 bit shared key. what is the method that gives the number of bytes ,
The algorithm uses a lot of bit level manipulations, such as splitting the 64 bits into two 32 bit sections. How can this be done?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
虽然这并不是你问题的真正答案,但我不得不说:
在大多数情况下,自己实现加密算法是一个非常糟糕的主意。
让我解释一下:
密码学很难。很少有人能够充分理解它来发明自己的算法,甚至他们寻求其他人的帮助来验证它不会在一秒钟内被破解。
即使使用已被证明足以满足人们意图的现有算法,这仍然是一个坏主意,因为存在足够多的可能性出现细微错误,从而破坏原本安全的算法的实现。这种情况发生过很多次,我都记不清发生了多少次。
关于 DES,尽管我希望您知道:对于当今的标准来说,纯 DES 被认为非常薄弱。所以你应该实现更好的3DES。
编辑:
好吧,说了这么多,并意识到这似乎是一项家庭作业(感谢您的提醒)后,我深入研究了 DES。到目前为止,我得到的信息如下:
DES 是一种分组密码,在 64 位块上运行。有多种不同的操作模式。它们确实确定如何将明文划分为 64 位块。某些模式需要填充,这意味着您用数据填充最后一个块,解密密文后即可删除。上面维基百科文章中的 Padding 段落包含有关如何在 DES 中使用 padding 的描述。
理论就讲这么多,如何在 Java 中实现这一点...
这为您提供了必须加密的字符串的字节数组。剩下的就是简单的计数和加法......
我希望这个修改后的答案对你更有用。
Although this is not really an answer to your question, I have to say it:
Implementing encryption algorithms yourself is a really bad idea in most cases.
Let me explain:
Cryptography is hard. There are few people that understand it good enough to invent their own algorithms and even they seek the help of others to verify, that it is not breakable in a second.
Even when using an existing algorithm that is proven to be good enough for ones intentions, it's still a bad idea, because there are more than enough possibilities for subtle errors, that break the implementation of a otherwise safe algorithm. That has happened so many times, that I lost count of how often.
And even if you are really lucky and diligent and pull a perfect implementation, it's a waste of time and resources not tu use an existing implementation that has already been developed and tested and proven.
And a word about DES, although I hope you know that: Pure DES is considered really weak for todays standard. So you should implement 3DES which is better.
Edit:
OK, after all that talking, and after realizing that this seems to be a homework assignment (thanks for the heads up), I dug a little into DES. Here's what I got so far:
DES is a block cipher, operating on 64 bit Blocks. There are several different modes of operation. They do determine how the clear text is to be devided into the 64 bit blocks. Some of the modes require padding, that means you fill the last block with data, that you can remove after decrypting the cipher text. The Padding paragraph in the Wikipedia article above contains a description about how padding was used in DES.
So much for the theory, how to go about that in Java...
That gives you an array of byte for the string you have to encrypt. The rest is simple counting and adding...
I hope this revised answer is more useful to you.
您不能使用现有的 bouncycastle 库吗:
http://www.bouncycastle.org/docs/docs1.6/index.html ?
您将在 David Hook 的“Beginning Cryptography with Java”中找到许多使用该库的示例。
Can't you use already existing bouncycastle library:
http://www.bouncycastle.org/docs/docs1.6/index.html ?
You will find many examples of usage of this library in "Beginning Cryptography with Java" by David Hook.
现在您应该知道 8 位 = 1 字节。加密中的所有内容都以位为单位,除了定义缓冲区之外,您永远不需要字节。
分割使用按位运算。屏蔽下半部分的顶部位,移动上半部分的顶部位。我假设您已经有了参考资料,虽然它们是宝贵的资源,但您绝对必须知道按位运算是如何工作的。不会破坏项目的一个好资源是压缩算法,例如 CABAC,因为它们同样是面向位的。然后关闭选项卡并尝试使用规范来制作您自己的规范。
You should know by now that 8 bits = 1 byte. Everything in crypto works on bits, you never really need bytes except to define a buffer.
Splitting uses bitwise operations. Mask off the top bits for the bottom half, shift over the top bits for the top half. I assume you have the reference already, and while they're an invaluable resource, you absolutely have to know how bitwise ops work. A good resource that won't spoil the project is a compression algorithm, such as CABAC, since they're likewise bit-oriented. Then close the tab and try to use the spec to make your own.