Exploring DES, Modes of encryption
© Mike May, S. J., 2002, maymk@slu.edu
| > | restart: |
This worksheet does some exploration of DES. It focuses on the 4 standard modes of using DES to encrypt and decrypt longer messages.
Before you start this worksheet, you need to establish the file DES.m with a collection of constants and functions used by this worksheet. This can be done by opening the worksheets entitled DES constants and DES functions and executing everything on those worksheets to define all the constants and functions we need.
This worksheet assumes that you have worked through the worksheet DES Example, which looks at the mechanics of DES encryption on a single block of data. (You are not required to have done that in this session. We don't need results defined on that worksheet to make this one run.)
| > | read `DES.m`: |
We want to start with a standard key and a standard message for this worksheet.
| > | plaintext := "Good morning Mr. Phelps. Your mission, should you choose to accept it, is to learn to use DES."; DESkeyASCII := "Be-Happy"; |
We want to convert our key to a hex string. Then we want to expand the key out to the 16 subkeys.
| > | hexkey := ASCII2hex16(DESkeyASCII); keytable := keyexpander(hexkey): |
We also want to break our message into a list of hexwords.
| > | plainhex := asciistrtohexword(plaintext); plainlength := linalg[vectdim](plainhex); |
Since our message is 12 blocks long we will need to use DES 12 times to encode our standard message.
Mode 1 - ECB - Electronic Code Book mode
The easiest mode to understand is the ECB mode. This mode simply applies DES to each message block in turn. The mode is easy to understand, can be adapted to parallel processing, and errors in one block of message do not cause problems in later blocks.
| > | ECBcipher := linalg[vector](plainlength): for i from 1 to plainlength do ECBcipher[i] := qdDEShex(plainhex[i],keytable): od; print(ECBcipher); |
For decryption in this mode we simply apply unDEShex to each cipherblock in turn.
| > | outofECB := linalg[vector](plainlength): for i from 1 to plainlength do outofECB[i] := unDEShex(ECBcipher[i],keytable): od: print(outofECB); |
| > | hexwordtoasciistr(outofECB); |
Exercises:
1) Create a short message (50-150 characters) that you want to encrypt. Encrypt it with DES and the standard key. Make sure that you can decrypt the message. Post your message to the bulletin board and decrypt someone else's message. (You probably want to avoid the variable names plaintext, plainhex, and plainlength, since we may want to use the current values of those variables later in the worksheet.)
| > |
2) Pick a DES key. (It can be either 8 ASCII characters or 16 hex characters.) Expand your key into a list of 16 subkeys. (You probably want to avoid the variable names DESkeyASCII, hexkey, and keytable).
| > |
3) Use your key to encode the standard message. Make sure that it decodes as well.
| > |
Mode 2 - CBC - Cipher Block Chaining
The next mode is the CBC or Cipher Block Chaining mode. In this mode each block is XORed with the previous cipherblock before encryption. For the first block we start with an initialization vector. For this worksheet, we will use `0123456789ABCDEF` as the initialization vector. In real practice, it is not unusual to start with the zero vector as the initial vector. Note that with a fixed initialization vector, two messages that begin with the same blocks encrypt to the same leading cipherblocks under the same key.
| > | IVhex := `0123456789ABCDEF`: CBCfeedin := linalg[vector](plainlength): CBCcipher := linalg[vector](plainlength): CBCfeedin[1] := xor64hex(IVhex, plainhex[1]); CBCcipher[1] := qdDEShex(CBCfeedin[1],keytable); for i from 2 to plainlength do CBCfeedin[i] := xor64hex(CBCcipher[i-1], plainhex[i]); CBCcipher[i] := qdDEShex(CBCfeedin[i],keytable): od; print(CBCcipher); |
To decipher in this mode we unDES each block, then XOR the result with the previous cipherblock. Note that we treat the initialization vector as the zeroth cipherblock.
| > | outofCBC := linalg[vector](plainlength): CBCbeforeXOR := linalg[vector](plainlength): CBCbeforeXOR[1] := unDEShex(CBCcipher[1],keytable); outofCBC[1] := xor64hex(CBCbeforeXOR[1], IVhex); for i from 2 to plainlength do CBCbeforeXOR[i] := unDEShex(CBCcipher[i],keytable): outofCBC[i] := xor64hex(CBCbeforeXOR[i], CBCcipher[i-1]); od; print(CBCcipher); print(outofCBC); hexwordtoasciistr(outofCBC); |
Exercises:
4) Encrypt your short message with DES and the standard key using CBC mode. Make sure that you can decrypt the message. Post your message to the bulletin board and decrypt someone else's message.
| > |
5) Use your key to encode the standard message with DES in CBC mode. Make sure that you can decrypt back to the standard message.
| > |
Mode 3 - CFB - Cipher Feedback Mode
CFB looks very similar to CBC. The difference between the two modes is that CBC does an XOR, then encrypts, while CFB encrypts, then does an XOR. The advantage of CFB is that the encryption step can be done before the block of message is entered. That makes this mode better for devices where we want to encrypt a character or bit at a time.
| > | CFBoutput := linalg[vector](plainlength): CFBcipher := linalg[vector](plainlength): CFBcipher[1] := qdDEShex(IVhex,keytable); CFBoutput[1] := xor64hex(CFBcipher[1], plainhex[1]); for i from 2 to plainlength do CFBcipher[i] := qdDEShex(CFBoutput[i-1],keytable): CFBoutput[i] := xor64hex(CFBcipher[i], plainhex[i]); od; print(CFBoutput); |
To decrypt in this mode, we want to XOR each cipher block with the result of encrypting the previous ciphertext block. Note that the decryption algorithm uses encryption rather than decryption for DES.
| > | outofCFB := linalg[vector](plainlength): CFBunDES := linalg[vector](plainlength): CFBunDES[1] := qdDEShex(IVhex,keytable); outofCFB[1] := xor64hex(CFBunDES[1], CFBoutput[1]); for i from 2 to plainlength do CFBunDES[i] := qdDEShex(CFBoutput[i-1],keytable): outofCFB[i] := xor64hex(CFBoutput[i], CFBunDES[i]); od; print(CFBunDES); print(outofCFB); hexwordtoasciistr(outofCFB); |
Exercises:
6) Encrypt your short message with DES and the standard key using CFB mode. Make sure that you can decrypt the message. Post your message to the bulletin board and decrypt someone else's message.
| > |
7) Use your key to encode the standard message with DES in CFB mode. Make sure that you can decrypt back to the standard message.
| > |
Mode 4 - OFB - Output Feedback mode
In many ways this fourth mode is a return to the one time pad with DES used as a generator of a pseudo random string. Once again we start with an initialization vector. This time we simply chain the encryption of the initialization vector back on itself without any interaction with the message. We then XOR the message with the bitstream we have produced. Since this is essentially a one time pad, it is crucial that each message start with a different initialization vector.
| > | OFBoutput := linalg[vector](plainlength): OFBbinpad := qdDEShex(IVhex,keytable); for i from 1 to plainlength do OFBoutput[i] := xor64hex(OFBbinpad, plainhex[i]); OFBbinpad := qdDEShex(OFBbinpad,keytable); od; print(OFBoutput); |
Note that the creation of OFBbinpad does not interact with the message. It could be done separately.
Once again we want to decipher the ciphertext to get back to the original message.
| > | outofOFB := linalg[vector](plainlength): OFBbinpad := qdDEShex(IVhex,keytable); for i from 1 to plainlength do outofOFB[i] := xor64hex(OFBbinpad, OFBoutput[i]); OFBbinpad := qdDEShex(OFBbinpad,keytable); od; print(outofOFB); hexwordtoasciistr(outofOFB); |
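Added example (Python, not part of the original worksheet): the four modes as defined above, run over a toy 64-bit Feistel cipher that stands in for qdDEShex/unDEShex, since the DES tables live in DES.m and are not shown on this page. The names E, D, blocks and SAME and the space padding are assumptions. It shows ECB repeating identical blocks where CBC does not, CFB and OFB decrypting with the encryption function only, and why two OFB messages must not share an initialization vector.

```python
import hashlib

def _feistel(key, block, rounds):  # toy 64-bit Feistel cipher, NOT real DES
    l, r = block >> 32, block & 0xFFFFFFFF
    for rnd in rounds:
        h = hashlib.sha256(key + bytes([rnd]) + r.to_bytes(4, "big")).digest()
        l, r = r, l ^ int.from_bytes(h[:4], "big")
    return (r << 32) | l

def E(key, b): return _feistel(key, b, range(8))            # stands in for qdDEShex
def D(key, b): return _feistel(key, b, reversed(range(8)))  # stands in for unDEShex
def ecb(key, pt): return [E(key, p) for p in pt]            # each block on its own

def blocks(msg):  # 64-bit blocks; space padding is an assumption
    msg += b" " * (-len(msg) % 8)
    return [int.from_bytes(msg[i:i + 8], "big") for i in range(0, len(msg), 8)]

def cbc(key, iv, pt):
    out = [iv]
    for p in pt:
        out.append(E(key, p ^ out[-1]))  # XOR with previous cipherblock, then encrypt
    return out[1:]
def cbc_dec(key, iv, ct):  # previous cipherblock, with the IV as block zero
    return [D(key, c) ^ prev for prev, c in zip([iv] + ct, ct)]

def cfb(key, iv, pt):
    out = [iv]
    for p in pt:
        out.append(E(key, out[-1]) ^ p)  # encrypt previous cipherblock, then XOR
    return out[1:]
def cfb_dec(key, iv, ct):  # decryption calls E, never D
    return [E(key, prev) ^ c for prev, c in zip([iv] + ct, ct)]

def ofb(key, iv, data):  # pad never sees the message; the same call decrypts
    out, pad = [], iv
    for x in data:
        pad = E(key, pad)
        out.append(pad ^ x)
    return out

KEY, IV = b"Be-Happy", 0x0123456789ABCDEF
MSG = blocks(b"Good morning Mr. Phelps. Your mission, should you choose "
             b"to accept it, is to learn to use DES.")
SAME = blocks(b"SAMEDATA" * 3)  # constructed input: three identical blocks
if __name__ == "__main__":
    print("ECB distinct cipherblocks:", len(set(ecb(KEY, SAME))))  # repeats show through
    print("CBC distinct cipherblocks:", len(set(cbc(KEY, IV, SAME))))
    a, b = ofb(KEY, IV, MSG[:3]), ofb(KEY, IV, SAME)               # same IV used twice
    leak = [x ^ y for x, y in zip(a, b)]                           # the pad cancels out
    print("OFB same IV, c1^c2 == p1^p2:", leak == [x ^ y for x, y in zip(MSG, SAME)])
```

With the shared IV, the XOR of the two OFB ciphertexts equals the XOR of the two plaintexts, so the key plays no part in what an eavesdropper learns.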
Exercises:
8) Encrypt your short message with DES and the standard key using OFB mode. Make sure that you can decrypt the message. Post your message to the bulletin board and decrypt someone else's message.
| > |
9) Use your key to encode the standard message with DES in OFB mode. Make sure that you can decrypt back to the standard message.
| > |