DES Algorithm - Operation Modes and JCE SUN Implementation
Part:
1
2
3
(Continued from previous part...)
What is CFB (Cipher FeedBack) Operation Mode?
CFB (Cipher FeedBack) operation mode can be described with notations defined earlier
as the following formula and diagram:
C[i] = P[i] XOR Ek(C[i-1])
C[1] = P[1] XOR Ek(IV)
IV
| -----| -----|
Ek() / Ek() / Ek()
| / | / |
| / | / |
P[1]--XOR / P[2]--XOR / P[3]--XOR
| / | / |
| / | / |
C[1] C[2] C[3]
As you can see from the formula and the diagram, in CBC mode, each block of plaintext is XORed with the encrypted version of
the previous ciphertext to generate the current ciphertext block.
In this way, each ciphertext block is depending on all plaintext blocks up to that
point. Note that for the first block, the Initial Vector (IV) is used as the previous ciphertext block.
What is OFB (Output FeedBack) Operation Mode?
OFB (Output FeedBack) operation mode can be described with notations defined earlier as the following formula and diagram:
C[i] = P[i] XOR O[i]
O[i] = Ek(O[i-1])
O[1] = E(IV)
IV
| -----| -----|
Ek() / Ek() / Ek()
|--O[1] |--O[2] |--O[3]
| | |
P[1]--XOR P[2]--XOR P[3]--XOR
| | |
C[1] C[2] C[3]
As you can see from the formula and the diagram, in OFB mode, each block of plaintext is XORed with the current output block
to generate the current ciphertext block. The current output block is obtained by applying the encryption
process on the previous output block. Note that for the first block, the Initial Vector (IV) is used as the
previous output block.
Sun Java Implementation of DES Operation Modes
Sun has implemented all 4 operation modes described above in their JDK JCE (Java Cryptography Extension) package.
To use DES operation modes properly, you need to:
1. Specify the operation mode name as part of the algorithm name when calling Cipher.getInstance(algorithm)
to create a cipher object like:
Cipher cObj1 = Cipher.getInstance("DES/ECB/NoPadding");
Cipher cObj2 = Cipher.getInstance("DES/CBC/NoPadding");
Cipher cObj3 = Cipher.getInstance("DES/CFB/NoPadding");
Cipher cObj4 = Cipher.getInstance("DES/OFB/NoPadding");
2. Initialize the cipher object with the key and the IV (Initial Vector) by using the IvParameterSpec class
like:
AlgorithmParameterSpec apsObj = new IvParameterSpec(theIV);
cObj.init(Cipher.ENCRYPT_MODE, keyObj, apsObj);
JceSunDesOperationModeTest.java - JCE DES Operation Mode Testing Program
To test out JCE DES operation mode implementation, I wrote the following testing program:
/**
* JceSunDesOperationModeTest.java
* Copyright (c) 2006 by Dr. Herong Yang, http://www.herongyang.com/
*/
import java.security.spec.*;
import javax.crypto.*;
import javax.crypto.spec.*;
class JceSunDesOperationModeTest {
public static void main(String[] a) {
if (a.length<1) {
System.out.println("Usage:");
System.out.println(
"java JceSunDesOperationModeTest 1/2/3/4");
return;
}
String test = a[0];
try {
byte[] theKey = null;
byte[] theIVp = null;
byte[] theMsg = null;
byte[] theExp = null;
String algorithm = null;
if (test.equals("1")) {
algorithm = "DES/ECB/NoPadding";
theKey = hexToBytes("0123456789ABCDEF");
theMsg = hexToBytes(
"4E6F77206973207468652074696D6520666F7220616C6C20");
// "Now is the time for all "
theExp = hexToBytes(
"3FA40E8A984D43156A271787AB8883F9893D51EC4B563B53");
} else if (test.equals("2")) {
algorithm = "DES/CBC/NoPadding";
theKey = hexToBytes("0123456789ABCDEF");
theIVp = hexToBytes("1234567890ABCDEF");
theMsg = hexToBytes(
"4E6F77206973207468652074696D6520666F7220616C6C20");
// "Now is the time for all "
theExp = hexToBytes(
"E5C7CDDE872BF27C43E934008C389C0F683788499A7C05F6");
} else if (test.equals("3")) {
algorithm = "DES/CFB/NoPadding";
theKey = hexToBytes("0123456789ABCDEF");
theIVp = hexToBytes("1234567890ABCDEF");
theMsg = hexToBytes(
"4E6F77206973207468652074696D6520666F7220616C6C20");
// "Now is the time for all "
theExp = hexToBytes(
"F3096249C7F46E51A69E839B1A92F78403467133898EA622");
} else if (test.equals("4")) {
algorithm = "DES/OFB/NoPadding";
theKey = hexToBytes("0123456789ABCDEF");
theIVp = hexToBytes("1234567890ABCDEF");
theMsg = hexToBytes(
"4E6F77206973207468652074696D6520666F7220616C6C20");
// "Now is the time for all "
theExp = hexToBytes(
"F3096249C7F46E5135F24A242EEB3D3F3D6D5BE3255AF8C3");
} else {
System.out.println("Wrong option. For help enter:");
System.out.println("java JceSunDesOperationModeTest");
return;
}
(Continued on next part...)
Part:
1
2
3
|