这是学校专业课程设计,要求实现112位的密钥长度的DES算法,与原有的DES算法不同的是密钥长度不懂,
但是每轮的子密钥长度依然是56(64)位的。由于那阶段事情较多,为了早些完成,就选用的Python编程语言,
参考了一个小都开源代码pydes,有兴趣都可以看看。
说实话,用Python写代码真是一种享受!尤其是表置换,只需要一句代码即可!
下面正文:
要求:对DES密码系统进行改进,延长密钥长度为112比特,取两个各位64比特的密钥K1,K2,在DES的第1到5轮
使用K1密钥产生的子密钥,在第6到11轮使用K2密钥产生的子密钥,在第12到16轮使用K1密钥产生余下的子密钥。
实现112位的DES加密算法,实验关于明文与密钥的雪崩效应。
DES算法流程图
一轮DES过程
知道DES算法实现方式后就可以写代码了
真正用于给别人使用的DES算法需要考虑很多
对称加密算法要求被加密数据时分块的,这就需要数据对齐,从而引入了几种大家公认的填充方式
还有就是初始向量
1 #coding=gbk
2 #Author : xddy1008@gmail.com
3
4
5
6 #Type of crypting being done
7 ENCRYPT = 0x00
8 DECRYPT = 0x01
9
10 # Permutation and translation tables for DES
11 # 密钥置换
12 __pc1 = [56, 48, 40, 32, 24, 16, 8,
13 0, 57, 49, 41, 33, 25, 17,
14 9, 1, 58, 50, 42, 34, 26,
15 18, 10, 2, 59, 51, 43, 35,
16 62, 54, 46, 38, 30, 22, 14,
17 6, 61, 53, 45, 37, 29, 21,
18 13, 5, 60, 52, 44, 36, 28,
19 20, 12, 4, 27, 19, 11, 3
20 ]
21
22 # number left rotations of pc1
23 # 每轮循环左移位数
24 __left_rotations = [
25 1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1
26 ]
27
28 # permuted choice key (table 2)
29 # 压缩置换
30 __pc2 = [
31 13, 16, 10, 23, 0, 4,
32 2, 27, 14, 5, 20, 9,
33 22, 18, 11, 3, 25, 7,
34 15, 6, 26, 19, 12, 1,
35 40, 51, 30, 36, 46, 54,
36 29, 39, 50, 44, 32, 47,
37 43, 48, 38, 55, 33, 52,
38 45, 41, 49, 35, 28, 31
39 ]
40
41 # initial permutation IP
42 # 初始置换IP
43 __ip = [57, 49, 41, 33, 25, 17, 9, 1,
44 59, 51, 43, 35, 27, 19, 11, 3,
45 61, 53, 45, 37, 29, 21, 13, 5,
46 63, 55, 47, 39, 31, 23, 15, 7,
47 56, 48, 40, 32, 24, 16, 8, 0,
48 58, 50, 42, 34, 26, 18, 10, 2,
49 60, 52, 44, 36, 28, 20, 12, 4,
50 62, 54, 46, 38, 30, 22, 14, 6
51 ]
52
53 # Expansion table for turning 32 bit blocks into 48 bits
54 # 扩展变换
55 __expansion_table = [
56 31, 0, 1, 2, 3, 4,
57 3, 4, 5, 6, 7, 8,
58 7, 8, 9, 10, 11, 12,
59 11, 12, 13, 14, 15, 16,
60 15, 16, 17, 18, 19, 20,
61 19, 20, 21, 22, 23, 24,
62 23, 24, 25, 26, 27, 28,
63 27, 28, 29, 30, 31, 0
64 ]
65
66 # The (in)famous S-boxes
67 # S 盒
68 __sbox = [
69 # S1
70 [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7,
71 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8,
72 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0,
73 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13],
74
75 # S2
76 [15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10,
77 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5,
78 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15,
79 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9],
80 # S3
81 [10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8,
82 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1,
83 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7,
84 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12],
85
86 # S4
87 [7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15,
88 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9,
89 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4,
90 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14],
91
92 # S5
93 [2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9,
94 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6,
95 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14,
96 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3],
97
98 # S6
99 [12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11,
100 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8,
101 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6,
102 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13],
103
104 # S7
105 [4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1,
106 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6,
107 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2,
108 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12],
109
110 # S8
111 [13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7,
112 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2,
113 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8,
114 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11],
115 ]
116
117
118 # 32-bit permutation function P used on the output of the S-boxes
119 # P-盒置换
120 __p = [
121 15, 6, 19, 20, 28, 11,
122 27, 16, 0, 14, 22, 25,
123 4, 17, 30, 9, 1, 7,
124 23,13, 31, 26, 2, 8,
125 18, 12, 29, 5, 21, 10,
126 3, 24
127 ]
128
129 # final permutation IP^-1
130 # 末尾置换IP^-1
131 __fp = [
132 39, 7, 47, 15, 55, 23, 63, 31,
133 38, 6, 46, 14, 54, 22, 62, 30,
134 37, 5, 45, 13, 53, 21, 61, 29,
135 36, 4, 44, 12, 52, 20, 60, 28,
136 35, 3, 43, 11, 51, 19, 59, 27,
137 34, 2, 42, 10, 50, 18, 58, 26,
138 33, 1, 41, 9, 49, 17, 57, 25,
139 32, 0, 40, 8, 48, 16, 56, 24
140 ]
141 def __String_to_BitList(data):
142 """Turn the string data,into a list of bits"""
143 data = [ord(c) for c in data] #转换成十进制数
144 sl = len(data)*8
145 pos = 0
146 result = [0]*sl #共有 sl 位
147 for ch in data:
148 i = 7
149 while i>=0:
150 if ch & (1<<i) != 0:
151 result[pos] = 1
152 else :
153 result[pos] = 0
154 pos += 1
155 i -= 1
156 return result
157 def __BitList_to_String(data):
158 """Turn the list of bits(data) into a string"""
159 result = []
160 pos = 0
161 c = 0
162 while pos < len(data):
163 c += data[pos] << (7-( pos % 8)) #转换成十进制数
164 if ( pos % 8) == 7:
165 result.append(c)
166 c = 0
167 pos += 1
168 return ''.join([chr(c) for c in result ])
169 def __BitList_to_HexString(data):
170 result = []
171 HEX = '0123456789ABCDEF'
172 pos = 0
173 c = 0
174 while pos < len(data):
175 c += data[pos] << (3 - (pos % 4))
176 if( pos % 4 ==3):
177 c = HEX[c]
178 result.append(c)
179 c = 0
180 pos +=1
181 return ''.join([x for x in result ])
182
183
184 def String_to_HexString(data):
185 return __BitList_to_HexString(__String_to_BitList(data))
186
187
188 def BitString_to_String(data):
189 bitlist = [ord(x)-48 for x in data]
190 return __BitList_to_String(bitlist)
191
192 def String_to_BitString(data):
193 bitlist = __String_to_BitList(data)
194 return ''.join([chr(x+48) for x in bitlist])
195
196 def HexString_to_String(data):
197 HEX = '0123456789ABCDEF'
198 HexList = list(HEX)
199 value = [0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15]
200 h_v = dict(zip(HexList,value))
201
202 data = [h_v[x] for x in data ]
203
204 sl = len(data)*8
205 pos = 0
206 result = [0]*sl #共有 sl 位
207 for ch in data:
208 i = 7
209 while i>=0:
210 if ch & (1<<i) != 0:
211 result[pos] = 1
212 else :
213 result[pos] = 0
214
215 pos += 1
216 i -= 1
217 ret = []
218 i = 4
219 while i <len(result):
220 ret.append(result[i])
221 ret.append(result[i+1])
222 ret.append(result[i+2])
223 ret.append(result[i+3])
224 i += 4
225
226 return __BitList_to_String(ret)
227
228
229 def __permutata(table,block):
230 """用指定的table置换block"""
231 return list(map(lambda x: block[x],table))
232
233
234 def __create_sub_keys(K1,K2):
235 """按照要求生成子密钥
236 返回K[1]-K[16]
237 去两个各为64比特的密钥K1,K2,在DES的第1到5轮使用K1密钥产生的子密钥,在第6到11
238 轮使用K2密钥产生的子密钥,在第12到16轮使用K1密钥产生余下的子密钥。
239
240 """
241 subKey = []
242 key1 = __permutata (__pc1,__String_to_BitList(K1)) #转换成56位
243 key2 = __permutata (__pc1,__String_to_BitList(K2)) #转换成56位
244
245 # 由K1 生成1到5轮的子密钥
246 # 将key1分割左右各28位
247 L1 = key1[:28]
248 R1 = key1[28:]
249 for i in range(5):
250 j = 0
251 # 轮循环
252 while j < __left_rotations[i]:
253 L1.append(L1[0])
254 del L1[0]
255
256 R1.append(R1[0])
257 del R1[0]
258 j+=1
259 #压缩置换生成子密钥
260 subKey.append(__permutata(__pc2,L1+R1))
261
262 # 由K2生成第6到11轮子密钥
263 L2 = key2[:28]
264 R2 = key2[28:]
265 for i in range(5,11):
266 j = 0
267 while j < __left_rotations[i]:
268 L2.append(L2[0])
269 del L2[0]
270 R2.append(R2[0])
271 del R2[0]
272 j+=1
273 subKey.append(__permutata(__pc2, L2+R2))
274
275 #由K1继续生成余下的子密钥
276 for i in range(11,16):
277 j = 0
278 while j < __left_rotations[i]:
279 L1.append(L1[0])
280 del L1[0]
281 R1.append(R1[0])
282 del R1[0]
283 j+=1
284 subKey.append(__permutata(__pc2, L1+R1))
285
286 return subKey
287 def __create_keys(K1):
288 subKey = []
289 key1 = __permutata (__pc1,__String_to_BitList(K1)) #转换成56位
290
291 # 由K1 生成1到5轮的子密钥
292 # 将key1分割左右各28位
293 L1 = key1[:28]
294 R1 = key1[28:]
295 for i in range(16):
296 j = 0
297 # 轮循环
298 while j < __left_rotations[i]:
299 L1.append(L1[0])
300 del L1[0]
301
302 R1.append(R1[0])
303 del R1[0]
304 j+=1
305 #压缩置换生成子密钥
306 subKey.append(__permutata(__pc2,L1+R1))
307 return subKey
308
309
310 def __des_crypt(block,crypt_type,K1,K2):
311 """加解密函数,block 是二进制块 64位 由crypt_type 指定"""
312 # 初始IP置换
313 block = __permutata(__ip, block)
314 #分块
315 L = block[:32]
316 R = block[32:]
317 if crypt_type == ENCRYPT:
318 iteration = 0
319 iteration_adjustment = 1
320 else :
321 iteration = 15
322 iteration_adjustment = -1
323 # 异或函数
324 xorfun = lambda x,y:x^y
325 # 生成子密钥
326 if K2=='':
327 Kn = __create_keys(K1)
328 print 'K2 is null'
329 else:
330 Kn = __create_sub_keys(K1, K2)
331 # 进行16轮加密
332
333 for i in range(16):
334 tempR = R[:] # Make a copy
335
336 # 扩展置换
337 R = __permutata(__expansion_table, R)
338
339 # 与子密钥进行异或
340 R = list(map(xorfun,R,Kn[iteration]))
341
342 # 将R分割成 6 * 8
343 B = [R[:6], R[6:12], R[12:18], R[18:24],
344 R[24:30], R[30:36], R[36:42],R[42:]]
345
346 # S盒代替 B[1] 到 B[8] 最终生成32位的Bn
347 pos = 0
348 Bn = [0]*32
349 for j in range(8):
350 m = (B[j][0] << 1) + B[j][5] # 计算行
351 n = (B[j][1]<<3) + (B[j][2]<<2) + (B[j][3]<<1) + (B[j][4]) # 计算列
352 # 得到S-盒 j的置换值
353 v = __sbox[j][(m<<4) + n] # m*16 + n
354 #转换成二进制
355 Bn[pos] = (v & 8) >> 3
356 Bn[pos + 1] = (v & 4) >>2
357 Bn[pos + 2] = (v & 2)>>1
358 Bn[pos + 3] = v & 1
359 pos += 4
360
361 R = __permutata(__p, Bn) # P - 盒代替
362 R = list(map(xorfun,R,L)) # 与 L 异或
363 L = tempR
364 iteration += iteration_adjustment
365
366 # 最后IP 置换
367 return __permutata(__fp, R+L)
368
369 def des_Crypt(data,crypt_type,K1,K2):
370 """ 加解密一段数据 ,默认采用PaddingPKCS5 填充方式"""
371 if not data:
372 return ''
373 # 检查数据是否为64位的整数倍
374 if len(data) % 8 !=0:
375 if crypt_type == DECRYPT:
376 raise ValueError("Invalid data length,data must be a "+
377 " mutiple of 8 bytes \n" )
378 else : #如果需要填充block使成为8字节的整数倍
379 pad_len = 8 - (len(data) % 8) # 计算需要填充的字节数pad_len
380 data +=pad_len * chr(pad_len) # 填充pad_len 的 chr(pad+len)
381
382 result = []
383 i = 0
384 while i < len(data):
385 block = __String_to_BitList(data[i:i+8]) # 8字节一块
386 processed_block = __des_crypt(block, crypt_type, K1, K2)
387 result.append(__BitList_to_String(processed_block))
388 i +=8
389
390 return ''.join(result)
391
392
393 def encrypt(data,K1,K2):
394 """ 加密一段数据data 使用默认的填充方式 :PKCS5
395 K1,K2 必须是8字节的"""
396
397 if len(K1) != 8:
398 raise ValueError("K1 不是 64 位的密钥!")
399 if K2!='' and len(K2)!= 8:
400 raise ValueError("K2 不是 64 位的密钥!")
401 return des_Crypt(data, ENCRYPT, K1, K2)
402
403 def decrypt(data,K1,K2):
404 if len(K1) != 8:
405 raise ValueError("K1 不是 64 位的密钥!")
406 if K2!='' and len(K2)!= 8:
407 raise ValueError("K2 不是 64 位的密钥!")
408 return des_Crypt(data, DECRYPT, K1, K2)
409
410
411
412
413 def test(data,K1,K2):
414 result = []
415 datal = __String_to_BitList(data)
416 bitK1=String_to_BitString(K1)
417 bit1=__String_to_BitList(K1)
418 bitK2=String_to_BitString(K2)
419 bit2 =__String_to_BitList(K2)
420
421 result.append(u'当前明文为: '+data+'\r\n')
422 result.append('K1: '+bitK1+'\r\n')
423 result.append('K2: '+bitK2+'\r\n')
424
425 result.append(u'修改明文从第1位到%d位,加密结果为:\r\n' % len(datal))
426 ret = encrypt(data,K1,K2)
427 last= String_to_BitString(ret)
428 for i in range(1,len(datal)):
429 count = 0
430 datal[i]=((datal[i]+1)%2)
431 dataw = __BitList_to_String(datal)
432 ret = encrypt(dataw,K1,K2)
433 retbit= String_to_BitString(ret)
434 y = 0
435 for x in retbit:
436 if x!=last[y]:
437 count +=1
438 y +=1
439 last = retbit
440 ret = String_to_HexString(ret)
441 result.append(ret+'--'+str(count)+'\r\n')
442 result.append(u'依次修改K1的第1到64位,加密结果为:\r\n')
443 for j in range(1,64):
444 count = 0
445 bit1[j] = ((bit1[j]+1)%2)
446 key1 = __BitList_to_String(bit1)
447 ret = encrypt(data,key1,K2)
448 retbit= String_to_BitString(ret)
449 y = 0
450 for x in retbit:
451 if x!=last[y]:
452 count +=1
453 y +=1
454 last = retbit
455 ret = String_to_HexString(ret)
456 result.append(ret+'--'+str(count)+'\r\n')
457 return result
458
459
460
用户提供两个八字节的密钥,如果K2为空的话,就用正常的DES算法进行加密解密。
最终的界面是用PyQt生成的,在这里就不贴代码了。
关于雪崩效应,比较直观的就是从左导游以此修改K1,K2每一位,比较相邻的密文位数不同数,以下是测试结果
AD1E12646B2E26F2--30
407E8BEB71BC5F99--33
680498794A4CCD19--26
92C7C068DE356052--32
592291A598F16DA6--32
D2A94561FF42A2A4--32
D2A94561FF42A2A4--0
9E7E639D0C8B4421--36
A1F2203F42D9D6E1--27
3E7603CAB57C65C1--34
FCF71350E872FA5A--29
1FDBAA7FE5448E7B--31
4810EA431046BB07--31
E8CD5347D31A0EE1--32
E8CD5347D31A0EE1--0
F58C76BF6CB3BBB7--34
25FE27D9C33658D6--31
822F3026D21A8FEF--36
EC8E2598281EFD5F--31
008E2F1F4E088F73--25
31F08C01879B54C5--36
1D032072D86CACFB--41
1D032072D86CACFB--0
40C562B0903CC5D1--25
8B5645229724F31B--29
E4FDB29F6CB9634D--42
E30E68107463FEE2--37
F20DD59A4E1FBFE4--26
2E8247BB5548A19A--34
765C9DCBC39EDAA0--36
765C9DCBC39EDAA0--0
BED319845779356F--37
6111D09C203BF201--34
8B81F3209E9EE7B5--32
BFDF2369216ED5D0--32
95DA18AABA1372AE--36
F0AB26E5F80C22BF--29
8E7113A9E6D8FD52--39
8E7113A9E6D8FD52--0
C2B5F3433FAE523C--35
0F16D7FE953988BC--32
98DF80D8CFF23C01--36
E0BF6AB506E1D66D--32
926966FC074F92C5--25
E2568409502AD380--33
D3A4686E70100238--31
D3A4686E70100238--0
CA9A8E2EFBF4DE3D--29
77841F69A5D9FF0D--30
999703F492763C88--35
C7B2652610DCC901--31
7363EE744BDB40CF--31
0D2BB66B498132AE--28
ADEAF9C416AD7046--31
ADEAF9C416AD7046--0
69381943DBA1B520--29
1B6CDEF36FC8D413--30
FF597D30DE1E8322--33
570DB55F35564DE5--33
3C46BE1B495004D4--27
C688D45EEEFE5B7F--39
8B88737E7CB51544--26
8B88737E7CB51544—0
从测试结果来看,明文或者密钥,每改变一位,都有一半左右的位数变化,这是良好雪崩效应的要求,由此可以看出雪崩效应效果很好。
密钥测试可以看出,DES数据加密中8字节的密钥,每个字节中最后一位都是校验位,对加密结果没有任何影响。
最后,关于三重DES,三重DES算法有效密钥是112长度的,也是使用两个56位密钥,当k1=k2时与基本的DES算法一样。
实现:
关于DES算法的安全性分析,网上论文有一大堆,搜一下便知。