Cryptography Tutorials - Herong's Tutorial Notes - DES Algorithm

Cryptography Tutorials - Herong's Tutorial Notes

Dr. Herong Yang, Version 4.00

DES Algorithm - Java JCE SUN Implementation

Part: 1 2 3

(Continued from previous part...)

   public static byte[] hexToBytes(String str) {
      if (str==null) {
         return null;
      } else if (str.length() < 2) {
         return null;
      } else {
         int len = str.length() / 2;
         byte[] buffer = new byte[len];
         for (int i=0; i<len; i++) {
             buffer[i] = (byte) Integer.parseInt(
                str.substring(i*2,i*2+2),16);
         }
         return buffer;
      }

   }
   public static String bytesToHex(byte[] data) {
      if (data==null) {
         return null;
      } else {
         int len = data.length;
         String str = "";
         for (int i=0; i<len; i++) {
            if ((data[i]&0xFF)<16) str = str + "0" 
               + java.lang.Integer.toHexString(data[i]&0xFF);
            else str = str
               + java.lang.Integer.toHexString(data[i]&0xFF);
         }
         return str.toUpperCase();
      }
   }            
}

Note that this program, CipherDesTest.java, can be easily modified to add other testing cases. I am using the ECB mode and NoPadding option to make it compatible with original DES standard.

Case 1 - Taken from The DES Algorithm Illustrated:

java JceSunDesTest 1

Key     : 133457799BBCDFF1
Message : 0123456789ABCDEF
Cipher  : 85E813540F0AB405
Expected: 85E813540F0AB405

Case 2 - Modified from DES Source Code:

java JceSunDesTest 2

Key     : 38627974656B6579
Message : 6D6573736167652E
Cipher  : 7CF45E129445D451
Expected: 7CF45E129445D451

This result is identical to my Java implementation! See the previous tutorial in this book.

What Is PKCS5Padding?

As you can see from previous tutorials, DES algorithm requires that the input data to be 8-byte blocks. If you want to encrypt a text message that is not multiples of 8-byte blocks, the text message must be padded with additional bytes to make the text message to be multiples of 8-byte blocks.

PKCS5Padding is a padding scheme described in: RSA Laboratories, "PKCS #5: Password-Based Encryption Standard," version 1.5, November 1993.

PKCS5Padding schema is actually very simple. It follows the following rules:

The number of bytes to be padded equals to "8 - numberOfBytes(clearText) mod 8". So 1 to 8 bytes will be padded to the clear text data depending on the length of the clear text data.
All padded bytes have the same value - the number of bytes padded.

PKCS5Padding schema can also be explained with the diagram below, if M is the original clear text and PM is the padded clear text:

If numberOfBytes(clearText) mod 8 == 7, PM = M + 0x01
If numberOfBytes(clearText) mod 8 == 6, PM = M + 0x0202
If numberOfBytes(clearText) mod 8 == 5, PM = M + 0x030303
...
If numberOfBytes(clearText) mod 8 == 0, PM = M + 0x0808080808080808

(Continued on next part...)

Part: 1 2 3

Dr. Herong Yang, updated in 2007

Cryptography Tutorials - Herong's Tutorial Notes - DES Algorithm - Java JCE SUN Implementation