|
DES Algorithm - Operation Modes and JCE SUN Implementation
Part:
1
2
3
(Continued from previous part...)
KeySpec ks = new DESKeySpec(theKey);
SecretKeyFactory kf
= SecretKeyFactory.getInstance("DES");
SecretKey ky = kf.generateSecret(ks);
Cipher cf = Cipher.getInstance(algorithm);
if (theIVp == null) {
cf.init(Cipher.ENCRYPT_MODE, ky);
} else {
AlgorithmParameterSpec aps = new IvParameterSpec(theIVp);
cf.init(Cipher.ENCRYPT_MODE, ky, aps);
}
byte[] theCph = cf.doFinal(theMsg);
System.out.println("Key : "+bytesToHex(theKey));
if (theIVp != null) {
System.out.println("IV : "+bytesToHex(theIVp));
}
System.out.println("Message : "+bytesToHex(theMsg));
System.out.println("Cipher : "+bytesToHex(theCph));
System.out.println("Expected: "+bytesToHex(theExp));
} catch (Exception e) {
e.printStackTrace();
return;
}
}
public static byte[] hexToBytes(String str) {
if (str==null) {
return null;
} else if (str.length() < 2) {
return null;
} else {
int len = str.length() / 2;
byte[] buffer = new byte[len];
for (int i=0; i<len; i++) {
buffer[i] = (byte) Integer.parseInt(
str.substring(i*2,i*2+2),16);
}
return buffer;
}
}
public static String bytesToHex(byte[] data) {
if (data==null) {
return null;
} else {
int len = data.length;
String str = "";
for (int i=0; i<len; i++) {
if ((data[i]&0xFF)<16) str = str + "0"
+ java.lang.Integer.toHexString(data[i]&0xFF);
else str = str
+ java.lang.Integer.toHexString(data[i]&0xFF);
}
return str.toUpperCase();
}
}
}
This program provides 4 tests: one for each operation mode. All tests share the same plaintext message,
"Now is the time for all ". For CBC, CFB and OFB modes, the same IV is used, 0x1234567890ABCDEF.
Test Cases of DES Operation Modes
I used my testing program, JceSunDesOperationModeTest.java, to test the cases listed in the
http://www.itl.nist.gov/fipspubs/fip81.htm:
java JceSunDesOperationModeTest 1 -- with ECB
Key : 0123456789ABCDEF
Message : 4E6F77206973207468652074696D6520666F7220616C6C20
Cipher : 3FA40E8A984D48156A271787AB8883F9893D51EC4B563B53
Expected: 3FA40E8A984D43156A271787AB8883F9893D51EC4B563B53
java JceSunDesOperationModeTest 2 -- with CBC
Key : 0123456789ABCDEF
IV : 1234567890ABCDEF
Message : 4E6F77206973207468652074696D6520666F7220616C6C20
Cipher : E5C7CDDE872BF27C43E934008C389C0F683788499A7C05F6
Expected: E5C7CDDE872BF27C43E934008C389C0F683788499A7C05F6
java JceSunDesOperationModeTest 3 -- with CFB
Key : 0123456789ABCDEF
IV : 1234567890ABCDEF
Message : 4E6F77206973207468652074696D6520666F7220616C6C20
Cipher : F3096249C7F46E51A69E839B1A92F78403467133898EA622
Expected: F3096249C7F46E51A69E839B1A92F78403467133898EA622
java JceSunDesOperationModeTest 4 -- with OFB
Key : 0123456789ABCDEF
IV : 1234567890ABCDEF
Message : 4E6F77206973207468652074696D6520666F7220616C6C20
Cipher : F3096249C7F46E5135F24A242EEB3D3F3D6D5BE3255AF8C3
Expected: F3096249C7F46E5135F24A242EEB3D3F3D6D5BE3255AF8C3
Outputs of the first 3 test cases match well with the expected values documented in
http://www.itl.nist.gov/fipspubs/fip81.htm.
The output of the last test case can not be compared, since it is not document in FIPS 81.
Conclusion
- DES operation modes are ways to couple previous plaintext blocks with the current plaintext block to
improve the strength of the encryption.
- Initial vector is used to parameterize the operation modes.
- Sun JCE implementation of DES operation modes work as expected.
Part:
1
2
3
| 