Cryptography Reference
In-Depth Information
output = ( unsigned char * ) malloc( out_len + 1 );
if ( !( strcmp( argv[ 1 ], “-e” ) ) )
{
des_encrypt( input, input_len, output, iv, key );
show_hex( output, out_len );
}
else if ( !( strcmp( argv[ 1 ], “-d” ) ) )
{
des_decrypt( input, input_len, output, iv, key );
show_hex( output, out_len );
}
else
{
fprintf( stderr, “Usage: %s [-e|-d] <key> <iv> <input>\n”, argv[ 0 ] );
}
free( input );
free( iv );
free( key );
free( output );
return 0;
}
Now you can decrypt the example:
[jdavies@localhost ssl]$ ./des -d password initialz \
0x71828547387b18e5
6162636465666768
Notice that the output here is hex-coded; 6162636465666768 is the ASCII rep-
resentation of abcdefgh. The key and initialization vector were also changed to
allow hex-coded inputs. In general, real DES keys and initialization vectors are
not printable-ASCII characters, but they draw from a larger pool of potential
input bytes.
Using the Triple-DES Encryption Algorithm to Increase
Key Length
DES is secure. After forty years of cryptanalysis, no feasible attack has been
demonstrated; if anybody has cracked it, they've kept it a secret. Unfortunately,
the 56-bit key length is built into the algorithm. Increasing the key length requires
redesigning the algorithm completely because the s-boxes and the permutations
are specifi c to a 64-bit input. 56 bits is not very many, these days. 2
56
possible
keys means that the most naïve brute-force attack would need to try, on the
average, 2
55
(2
56
/ 2), or 36,028,797,018,963,968 (about 36,000 trillion operations)
Search WWH ::
Custom Search