DES加解密算法浅析
概述
DES是一个分组加密算法,它以64位为分组对数据加密。同时DES也是一个对称算法:加密和解密用的是同一个算法。DES是一个包含16个阶段的“替换–置换”的分组加密算法,64位的分组明文序列作为加密算法的输入,经过16轮加密得到64位的密文序列。
算法原理看下图:
原理浅析
DES算法主要分为3部分:加解密运算、f函数的处理、轮子密钥的生成,从右往左分别简单介绍一下。
轮子密钥的生成
数据表1
//PC-1
private int[] PC1={57,49,41,33,25,17,9,
1,58,50,42,34,26,18,
10,2,59,51,43,35,27,
19,11,3,60,52,44,36,
63,55,47,39,31,23,15,
7,62,54,46,38,30,22,
14,6,61,53,45,37,29,
21,13,5,28,20,12,4};
//PC-2
private int[] PC2={14,17,11,24,1,5,3,28,
15,6,21,10,23,19,12,4,
26,8,16,7,27,20,13,2,
41,52,31,37,47,55,30,40,
51,45,33,48,44,49,39,56,
34,53,46,42,50,36,29,32};
//Schedule of Left Shifts
private int[] LFT={1,1,2,2,2,2,2,2,1,2,2,2,2,2,2,1};16个子密钥的生成主要是利用了数据表1中的数表,首先将64位的初始密钥利用PC1压缩置换位56位的密钥,然后将其一分为二,这里记为C0和D0。这里28位的C0和28位的D0分别根据LET数组相应位置的值进行左移位得到C1和D1。这是将C1和D1合并根据PC2进行压缩置换得到48位的子密钥,而且注意C1和D1作为下轮的输入以用来产生下一个子密钥。
f函数的运算
数据表2
//E扩展
private int[] E={32,1,2,3,4,5,
4,5,6,7,8,9,
8,9,10,11,12,13,
12,13,14,15,16,17,
16,17,18,19,20,21,
20,21,22,23,24,25,
24,25,26,27,28,29,
28,29,30,31,32,1};
//P置换
private int[] P={16,7,20,21,29,12,28,17,
1,15,23,26,5,18,31,10,
2,8,24,14,32,27,3,9,
19,13,30,6,22,11,4,25};
private static final int[][][] S_Box = {//S-盒
{// S_Box[1]
{ 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7 },
{ 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8 },
{ 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0 },
{ 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13 } },
{ // S_Box[2]
{ 15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10 },
{ 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5 },
{ 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15 },
{ 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9 } },
{ // S_Box[3]
{ 10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8 },
{ 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1 },
{ 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7 },
{ 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12 } },
{ // S_Box[4]
{ 7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15 },
{ 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9 },
{ 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4 },
{ 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14 } },
{ // S_Box[5]
{ 2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9 },
{ 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6 },
{ 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14 },
{ 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3 } },
{ // S_Box[6]
{ 12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11 },
{ 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8 },
{ 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6 },
{ 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13 } },
{ // S_Box[7]
{ 4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1 },
{ 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6 },
{ 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2 },
{ 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12 } },
{ // S_Box[8]
{ 13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7 },
{ 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2 },
{ 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8 },
{ 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11 } }
};从原理图中可以看到,f函数的输入是明文分组的右半分组记为R和子密钥记为K。32位的R首先要利用数据表2中的E进行E盒扩展变换得到48位的数据,这里记为RE。然后将RE与K进行异或运算并将异或结果利用数据表2中的S_BOX进行S盒替换,得到48位的运算结果记为RS。再将RS利用数据表2中的P进行P盒替换,得到32位的最终结果,记为RF。到这里f函数的运算任务就完成了。
加解密运算
//初始置换
private int[] IP={58,50,42,34,26,18,10,2,
60,52,44,36,28,20,12,4,
62,54,46,38,30,22,14,6,
64,56,48,40,32,24,16,8,
57,49,41,33,25,17,9,1,
59,51,43,35,27,19,11,3,
61,53,45,37,29,21,13,5,
63,55,47,39,31,23,15,7};
//逆初始置换
private int[] IP_1={40,8,48,16,56,24,64,32,
39,7,47,15,55,23,63,31,
38,6,46,14,54,22,62,30,
37,5,45,13,53,21,61,29,
36,4,44,12,52,20,60,28,
35,3,43,11,51,19,59,27,
34,2,42,10,50,18,58,26,
33,1,41,9,49,17,57,25};在第一轮中将64位的明文分为L0和R0,则加密运算如下:
L1=R0
R1=L0⊕f(R0,K0)
然后按此公式进行16轮的运算。
代码实现
CustomDES
package com.lcx.des;
public class CustomDES {
//初始置换
private int[] IP = {58, 50, 42, 34, 26, 18, 10, 2,
60, 52, 44, 36, 28, 20, 12, 4,
62, 54, 46, 38, 30, 22, 14, 6,
64, 56, 48, 40, 32, 24, 16, 8,
57, 49, 41, 33, 25, 17, 9, 1,
59, 51, 43, 35, 27, 19, 11, 3,
61, 53, 45, 37, 29, 21, 13, 5,
63, 55, 47, 39, 31, 23, 15, 7};
//逆初始置换
private int[] IP_1 = {40, 8, 48, 16, 56, 24, 64, 32,
39, 7, 47, 15, 55, 23, 63, 31,
38, 6, 46, 14, 54, 22, 62, 30,
37, 5, 45, 13, 53, 21, 61, 29,
36, 4, 44, 12, 52, 20, 60, 28,
35, 3, 43, 11, 51, 19, 59, 27,
34, 2, 42, 10, 50, 18, 58, 26,
33, 1, 41, 9, 49, 17, 57, 25};//手残,数组数据没写全
//E扩展
private int[] E = {32, 1, 2, 3, 4, 5,
4, 5, 6, 7, 8, 9,
8, 9, 10, 11, 12, 13,
12, 13, 14, 15, 16, 17,
16, 17, 18, 19, 20, 21,
20, 21, 22, 23, 24, 25,
24, 25, 26, 27, 28, 29,
28, 29, 30, 31, 32, 1};
//P置换
private int[] P = {16, 7, 20, 21, 29, 12, 28, 17,
1, 15, 23, 26, 5, 18, 31, 10,
2, 8, 24, 14, 32, 27, 3, 9,
19, 13, 30, 6, 22, 11, 4, 25};
private static final int[][][] S_Box = {
{
{14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7},
{0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8},
{4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0},
{15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13}},
{
{15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10},
{3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5},
{0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15},
{13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9}},
{
{10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8},
{13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1},
{13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7},
{1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12}},
{
{7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15},
{13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9},
{10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4},
{3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14}},
{
{2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9},
{14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6},
{4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14},
{11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3}},
{
{12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11},
{10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8},
{9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6},
{4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13}},
{
{4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1},
{13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6},
{1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2},
{6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12}},
{
{13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7},
{1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2},
{7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8},
{2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11}}
};
//PC-1
private int[] PC1 = {57, 49, 41, 33, 25, 17, 9,
1, 58, 50, 42, 34, 26, 18,
10, 2, 59, 51, 43, 35, 27,
19, 11, 3, 60, 52, 44, 36,
63, 55, 47, 39, 31, 23, 15,
7, 62, 54, 46, 38, 30, 22,
14, 6, 61, 53, 45, 37, 29,
21, 13, 5, 28, 20, 12, 4};
//PC-2
private int[] PC2 = {14, 17, 11, 24, 1, 5, 3, 28,
15, 6, 21, 10, 23, 19, 12, 4,
26, 8, 16, 7, 27, 20, 13, 2,
41, 52, 31, 37, 47, 55, 30, 40,
51, 45, 33, 48, 44, 49, 39, 56,
34, 53, 46, 42, 50, 36, 29, 32};
//Schedule of Left Shifts
private int[] LFT = {1, 1, 2, 2, 2, 2, 2, 2, 1, 2, 2, 2, 2, 2, 2, 1};
/**
* 加密轮数
**/
private static final int LOOP_NUM = 16;
private String[] keys = new String[LOOP_NUM];
private String[] pContent;
private String[] cContent;
private int origin_length;
/**
* 16个子密钥
**/
private int[][] sub_key = new int[16][48];
private String content;
private int p_origin_length;
public CustomDES(String key, String content) {
this.content = content;
p_origin_length = content.getBytes().length;
generateKeys(key);
}
/****拆分分组****/
public byte[] deal(byte[] p, int flag) {
origin_length = p.length;
int g_num;
int r_num;
g_num = origin_length / 8;
r_num = 8 - (origin_length - g_num * 8);//8不填充
byte[] p_padding;
/****填充********/
if (r_num < 8) {
p_padding = new byte[origin_length + r_num];
System.arraycopy(p, 0, p_padding, 0, origin_length);
for (int i = 0; i < r_num; i++) {
p_padding[origin_length + i] = (byte) r_num;
}
} else {
p_padding = p;
}
g_num = p_padding.length / 8;
byte[] f_p = new byte[8];
byte[] result_data = new byte[p_padding.length];
for (int i = 0; i < g_num; i++) {
System.arraycopy(p_padding, i * 8, f_p, 0, 8);
System.arraycopy(descryUnit(f_p, sub_key, flag), 0, result_data, i * 8, 8);
}
if (flag == 0) {//解密
byte[] p_result_data = new byte[p_origin_length];
System.arraycopy(result_data, 0, p_result_data, 0, p_origin_length);
return p_result_data;
}
return result_data;
}
/**
* 加密
**/
public byte[] descryUnit(byte[] p, int k[][], int flag) {
int[] p_bit = new int[64];
StringBuilder stringBuilder = new StringBuilder();
for (int i = 0; i < 8; i++) {
String p_b = Integer.toBinaryString(p[i] & 0xff);
while (p_b.length() % 8 != 0) {
p_b = "0" + p_b;
}
stringBuilder.append(p_b);
}
String p_str = stringBuilder.toString();
for (int i = 0; i < 64; i++) {
int p_t = Integer.valueOf(p_str.charAt(i));
if (p_t == 48) {
p_t = 0;
} else if (p_t == 49) {
p_t = 1;
} else {
System.out.println("To bit error!");
}
p_bit[i] = p_t;
}
/***IP置换***/
int[] p_IP = new int[64];
for (int i = 0; i < 64; i++) {
p_IP[i] = p_bit[IP[i] - 1];
}
if (flag == 1) { // 加密
for (int i = 0; i < 16; i++) {
L(p_IP, i, flag, k[i]);
}
} else if (flag == 0) { // 解密
for (int i = 15; i > -1; i--) {
L(p_IP, i, flag, k[i]);
}
}
int[] c = new int[64];
for (int i = 0; i < IP_1.length; i++) {
c[i] = p_IP[IP_1[i] - 1];
}
byte[] c_byte = new byte[8];
for (int i = 0; i < 8; i++) {
c_byte[i] = (byte) ((c[8 * i] << 7) + (c[8 * i + 1] << 6) + (c[8 * i + 2] << 5) + (c[8 * i + 3] << 4) + (c[8 * i + 4] << 3) + (c[8 * i + 5] << 2) + (c[8 * i + 6] << 1) + (c[8 * i + 7]));
}
return c_byte;
}
public void L(int[] M, int times, int flag, int[] keyarray) {
int[] L0 = new int[32];
int[] R0 = new int[32];
int[] L1 = new int[32];
int[] R1 = new int[32];
int[] f = new int[32];
System.arraycopy(M, 0, L0, 0, 32);
System.arraycopy(M, 32, R0, 0, 32);
L1 = R0;
f = fFuction(R0, keyarray);
for (int j = 0; j < 32; j++) {
R1[j] = L0[j] ^ f[j];
if (((flag == 0) && (times == 0)) || ((flag == 1) && (times == 15))) {
M[j] = R1[j];
M[j + 32] = L1[j];
} else {
M[j] = L1[j];
M[j + 32] = R1[j];
}
}
}
public int[] fFuction(int[] r_content, int[] key) {
int[] result = new int[32];
int[] e_k = new int[48];
for (int i = 0; i < E.length; i++) {
e_k[i] = r_content[E[i] - 1] ^ key[i];
}
/********S盒替换:由48位变32位,现分割e_k,然后再进行替换*********/
int[][] s = new int[8][6];
int[] s_after = new int[32];
for (int i = 0; i < 8; i++) {
System.arraycopy(e_k, i * 6, s[i], 0, 6);
int r = (s[i][0] << 1) + s[i][5];//横坐标
int c = (s[i][1] << 3) + (s[i][2] << 2) + (s[i][3] << 1) + s[i][4];//纵坐标
String str = Integer.toBinaryString(S_Box[i][r][c]);
while (str.length() < 4) {
str = "0" + str;
}
for (int j = 0; j < 4; j++) {
int p = Integer.valueOf(str.charAt(j));
if (p == 48) {
p = 0;
} else if (p == 49) {
p = 1;
} else {
System.out.println("To bit error!");
}
s_after[4 * i + j] = p;
}
}
/******S盒替换结束*******/
/****P盒替代****/
for (int i = 0; i < P.length; i++) {
result[i] = s_after[P[i] - 1];
}
return result;
}
/**
* 生成子密钥
**/
public void generateKeys(String key) {
while (key.length() < 8) {
key = key + key;
}
key = key.substring(0, 8);
byte[] keys = key.getBytes();
int[] k_bit = new int[64];
//取位值
for (int i = 0; i < 8; i++) {
String k_str = Integer.toBinaryString(keys[i] & 0xff);
if (k_str.length() < 8) {
int k_size = k_str.length();
for (int t = 0; t < 8 - k_size; t++) {
k_str = "0" + k_str;
}
}
for (int j = 0; j < 8; j++) {
int p = Integer.valueOf(k_str.charAt(j));
if (p == 48) {
p = 0;
} else if (p == 49) {
p = 1;
} else {
System.out.println("To bit error!");
}
k_bit[i * 8 + j] = p;
}
}
//k_bit是初始的64位长密钥,下一步开始进行替换
/***********PC-1压缩****************/
int[] k_new_bit = new int[56];
for (int i = 0; i < PC1.length; i++) {
k_new_bit[i] = k_bit[PC1[i] - 1];/这个减1注意点
}
/**************************/
int[] c0 = new int[28];
int[] d0 = new int[28];
System.arraycopy(k_new_bit, 0, c0, 0, 28);
System.arraycopy(k_new_bit, 28, d0, 0, 28);
for (int i = 0; i < 16; i++) {
int[] c1 = new int[28];
int[] d1 = new int[28];
if (LFT[i] == 1) {
System.arraycopy(c0, 1, c1, 0, 27);
c1[27] = c0[0];
System.arraycopy(d0, 1, d1, 0, 27);
d1[27] = d0[0];
} else if (LFT[i] == 2) {
System.arraycopy(c0, 2, c1, 0, 26);
c1[26] = c0[0];
c1[27] = c0[1];//这里手残之前写成c1
System.arraycopy(d0, 2, d1, 0, 26);
d1[26] = d0[0];
d1[27] = d0[1];
} else {
System.out.println("LFT Error!");
}
int[] tmp = new int[56];
System.arraycopy(c1, 0, tmp, 0, 28);
System.arraycopy(d1, 0, tmp, 28, 28);
for (int j = 0; j < PC2.length; j++) {//PC2压缩置换
sub_key[i][j] = tmp[PC2[j] - 1];
}
c0 = c1;
d0 = d1;
}
}
}CustomDESTest
package com.lcx.des;
public class CustomDESTest {
public static void main(String[] args){
String origin="https://www.lisongbai.top";
System.out.println("原文:\n"+origin);
CustomDES customDES=new CustomDES("LCX",origin);
byte[] c=customDES.deal(origin.getBytes(),1);
System.out.println("密文:\n"+new String(c));
byte[]p=customDES.deal(c,0);
byte[] p_d=new byte[origin.getBytes().length];
System.arraycopy(p,0,p_d,0,origin.getBytes().length);
System.out.println("明文:\n"+new String(p));
}
}测试结果如下:
感悟心得
通过自己动手实现DES加密解密算法,我对DES的加密解密过程有了更深的认识,之前在课堂上知识大致了解了一下流程,很多细节方面的知识并不是很了解,在这次大作业中,查阅了很多资料,对DES加密算法有了更多的体会。
DES加密是堆成加密的经典算法,通过它的实现过程发现它使用了很多次置换法,采用了混乱和扩散的组合,每个组合先替换后置换,共进行了16轮,其中充分利用了S盒的非对称性运算,大大增加了破解难度,在没有密钥的情况下,破解者之恶能通过穷举法来破解密钥,这种破解方法费时费力,所以DES的安全性还是挺高的。
通过这此大作业,我体会到了密码学中加密设计的有趣之处,在只接触到理论知识的时候,觉得加密算法只是枯燥的迭代运算,实践后才觉得枯燥的迭代运算正是它设计的奥秘所在。在以后的学习过程中,努力做到知其然并知其所以然。
本文章为转载内容,我们尊重原作者对文章享有的著作权。如有内容错误或侵权问题,欢迎原作者联系我们进行内容更正或删除文章。
