NAME

	setupDESstate, des_key_setup, block_cipher, desCBCencrypt, desCBCdecrypt, desECBencrypt, desECBdecrypt, des3CBCencrypt, des3CBCdecrypt, des3ECBencrypt, des3ECBdecrypt, key_setup, des56to64, des64to56, setupDES3state, triple_block_cipher, - single and triple digital encryption standard

SYNOPSIS

#include <u.h> #include <libc.h> #include <mp.h> #include <libsec.h> void    des_key_setup(uchar key[8], ulong schedule[32]) void    block_cipher(ulong *schedule, uchar *data,            int decrypting) void    setupDESstate(DESstate *s, uchar key[8], uchar *ivec) void    desCBCencrypt(uchar*, int, DESstate*) void    desCBCdecrypt(uchar*, int, DESstate*) void    desECBencrypt(uchar*, int, DESstate*) void    desECBdecrypt(uchar*, int, DESstate*) void    triple_block_cipher(ulong keys[3][32], uchar*, int) void    setupDES3state(DES3state *s, uchar key[3][8],                 uchar *ivec) void    des3CBCencrypt(uchar*, int, DES3state*) void    des3CBCdecrypt(uchar*, int, DES3state*) void    des3ECBencrypt(uchar*, int, DES3state*) void    des3ECBdecrypt(uchar*, int, DES3state*) void    key_setup(uchar[7], ulong[32]) void    des56to64(uchar *k56, uchar *k64) void    des64to56(uchar *k64, uchar *k56)

DESCRIPTION

The Digital Encryption Standard (DES) is a shared key or symmetric encryption using either a 56 bit key for single DES or three 56 bit keys for triple des. The keys are encoded into 64 bits where every eight bit is parity. The basic DES function, block_cipher, works on a block of 8 bytes, converting them in place. It takes a key schedule, a pointer to the block, and a flag indicating encrypting (0) or decrypting (1). The key schedule is created from the key using des_key_setup. Since it is a bit awkward, block_cipher is rarely called directly. Instead, one normally uses routines that encrypt larger buffers of data and which may chain the encryption state from one buffer to the next. These routines keep track of the state of the encryption using a DESstate structure that contains the key schedule and any chained state. SetupDESstate sets up the DESstate structure using the key and an 8 byte initialization vector. Electronic code book, using desECBencrypt and desECBdecrypt, is the less secure mode. The encryption of each 8 bytes does not depend on the encryption of any other. Hence the encryption is a substitution cipher using 64 bit characters. Cipher block chaining mode, using desCBCencrypt and desCBCdecrypt, is more secure. Every block encrypted depends on the initialization vector and all blocks encrypted before it. For both CBC and ECB modes, a stream of data can be encrypted as multiple buffers. However, all buffers except the last must be a multiple of 8 bytes to ensure successful decryption of the stream. There are equivalent triple DES functions for each of the DES functions. In the past Plan 9 used a 56 bit or 7 byte format for DES keys. To be compatible with the rest of the world, we’ve abandoned this format. There are two functions: des56to64 and des64to56 to convert back and forth between the two formats. Also a key schedule can be set up from the 7 byte format using key_setup.

SOURCE

	/usr/local/plan9/src/libsec

SEE ALSO

	mp(3), aes(3), blowfish(3), dsa(3), elgamal(3), rc4(3), rsa(3), sechash(3), prime(3), rand(3)