常用加密算法介绍--DES

一.DES

对称算法

1.key的大小

KEY64bit,IV(初始化向量)64bit,block size(每次运算处理的字节数)64bit,key的实际使用时56bit,每个字节的最后一位是校验位,不参与计算

 

2.加密模式

既可以block cipher(分组加密,ECB模式),也可以productcipher(乘积加密,CBC模式)。

分组加密就是每组分别加密,如果明文相同,得到的密文也会相同,乘积加密就是将上一次运算得到的结果,也就是密文,也参与到下一次运算当中,这样即使两个分组明文相同,得到的密文也不一样,计算第一组的时候就需要使用到IV了。显然CBC模式更安全一些。

 

3.Padding

明文如果不是block size的整数倍,最后一组就不能运算,因此在加密前需要进行padding,常用的PKCS7的padding,是将需要填充的字节数作为填充值,为了消除歧义,即使明文字节数正好是8的倍数,需要填充8个字节的0x08

 

4.例子

 

DES例子
1 usingSystem;
2 usingSystem.Collections.Generic;
3 usingSystem.Linq;
4 usingSystem.Text;
5 usingSystem.Security.Cryptography;
6 usingSystem.IO;
7
8 namespaceCipherTest
9 {
10 class Program
11 {
12 static void Main(string[] args)
13 {
14 SymmetricAlgorithmTest(newDESCryptoServiceProvider());
15 //SymmetricAlgorithmTest(newTripleDESCryptoServiceProvider());
16  
17 Console.ReadLine();
18 }
19
20 static voidSymmetricAlgorithmTest(SymmetricAlgorithm algo)
21 {
22 Console.WriteLine("=============================================");
23 Console.WriteLine("Default Algorithminfo:");
24 PrintSymmetricAlgorithmInfo(algo);
25
26 algo.Mode = CipherMode.ECB;
27 algo.GenerateIV();
28 algo.GenerateKey();
29
30 Console.WriteLine("Modify Algorithminfo:");
31 PrintSymmetricAlgorithmInfo(algo);
32
33 string text ="01234567012345670123456701234567";
34 byte[] plainText =Encoding.UTF8.GetBytes(text);
35 Console.WriteLine("\nPlaintext:\n\t" + ConvertBytesToHexString(plainText));
36
37 // Encrypt
38   MemoryStream ms = new MemoryStream();
39 CryptoStream encStream = newCryptoStream(ms, algo.CreateEncryptor(), CryptoStreamMode.Write);
40
41 encStream.Write(plainText, 0,plainText.Length);
42 encStream.FlushFinalBlock();
43
44 byte[] cipherText = ms.ToArray();
45 Console.WriteLine("\nEncryptedtext:\n\t"+ConvertBytesToHexString(cipherText));
46 encStream.Close();
47 ms.Close();
48
49 // Decrypt
50   MemoryStream ms2 = newMemoryStream(cipherText);
51 CryptoStream decStream = newCryptoStream(ms2, algo.CreateDecryptor(), CryptoStreamMode.Read);
52
53 Byte[] tempBuffer = new Byte[1024];
54 Byte[] outputBytes = new byte[0];
55 int nRead = decStream.Read(tempBuffer, 0,tempBuffer.Length);
56 int nLength = 0;
57 while (0 != nRead)
58 {
59 nLength = outputBytes.Length;
60 Array.Resize(ref outputBytes, nLength +nRead);
61 Array.Copy(tempBuffer, 0, outputBytes,nLength, nRead);
62 nRead = decStream.Read(tempBuffer, 0,tempBuffer.Length);
63 }
64
65 Console.WriteLine("\nDecryptedtext:\n\t" + ConvertBytesToHexString(outputBytes));
66 decStream.Close();
67 ms2.Close();
68 algo.Clear();
69 }
70
71 static stringConvertBytesToHexString(byte[] bytes)
72 {
73 if(bytes == null || bytes.Length == 0)
74 {
75 return string.Empty;
76 }
77 StringBuilder sb = new StringBuilder();
78 foreach(byte temp in bytes)
79 {
80 sb.Append(string.Format("{0:X2}", temp));
81 }
82 sb.Remove(sb.Length - 1, 1);
83 sb.Append(string.Format(("[{0}]"), bytes.Length));
84
85 return sb.ToString();
86 }
87
88 static voidPrintSymmetricAlgorithmInfo(SymmetricAlgorithm algo)
89 {
90 Console.WriteLine("\t" +algo.ToString());
91 Console.WriteLine("\tMode:"+algo.Mode);
92 Console.WriteLine("\tPadding:"+ algo.Padding);
93 Console.WriteLine("\tKeySize:"+ algo.KeySize);
94 Console.WriteLine("\tBlockSize:" + algo.BlockSize);
95 Console.WriteLine("\tIV:" +ConvertBytesToHexString(algo.IV));
96 Console.WriteLine("\tKey:" +ConvertBytesToHexString(algo.Key));
97 }
98 }
99 }

 

可能运行结果:

=============================================

DefaultAlgorithm info:

       System.Security.Cryptography.DESCryptoServiceProvider

        Mode:CBC

        Padding:PKCS7

        KeySize:64

        BlockSize:64

        IV:79 5D 7A E4 22 10 39 F2[8]

        Key:77 FF 02 7F 98 6F B6 46[8]

ModifyAlgorithm info:

       System.Security.Cryptography.DESCryptoServiceProvider

        Mode:ECB

        Padding:PKCS7

        KeySize:64

        BlockSize:64

        IV:30 15 B1 29 38 99 CC 36[8]

        Key:18 0D 84 44 18 4B 61 61[8]

 

Plaintext:

        30 31 32 33 34 35 36 37 30 31 32 33 3435 36 37 30 31 32 33 34 35 36 37

30 31 3233 34 35 36 37[32]

 

Encryptedtext:

        27 9B 21 8D 77 18 AB 53 27 9B 21 8D 7718 AB 53 27 9B 21 8D 77 18 AB 53

27 9B 218D 77 18 AB 53 4F 4B D6 D7 68 18 A4 FA[40]

 

Decryptedtext:

        30 31 32 33 34 35 36 37 30 31 32 33 3435 36 37 30 31 32 33 34 35 36 37

30 31 3233 34 35 36 37[32]

 

可以看出:

模式使用比较安全的CBC模式,padding用PKCS7,原文32字节也需要填充,加密后的密文是40字节,使用ECB模式时,相同的分组得到相同的密文

 

将模式改为CBC后的可能运行结果:

=============================================

DefaultAlgorithm info:

       System.Security.Cryptography.DESCryptoServiceProvider

        Mode:CBC

        Padding:PKCS7

        KeySize:64

        BlockSize:64

        IV:34 42 42 52 AC 9F D6 2A[8]

        Key:29 98 61 4F 14 2C 5E A1[8]

ModifyAlgorithm info:

       System.Security.Cryptography.DESCryptoServiceProvider

        Mode:CBC

        Padding:PKCS7

        KeySize:64

        BlockSize:64

        IV:35 C5 78 6D D8 54 BB 1D[8]

        Key:DC 73 23 E1 E3 78 42 84[8]

 

Plaintext:

        30 31 32 33 34 35 36 37 30 31 32 33 3435 36 37 30 31 32 33 34 35 36 37

30 31 3233 34 35 36 37[32]

 

Encryptedtext:

        65 67 16 2F 53 D9 FC 4A 02 6F CE C8 40B8 9C 40 C7 5F BF A8 38 62 05 E3

20 52 4AD7 5B AD 5E D1 5F CC D4 C3 C9 F1 97 53[40]

 

Decryptedtext:

        30 31 32 33 34 35 36 37 30 31 32 33 3435 36 37 30 31 32 33 34 35 36 37

30 31 3233 34 35 36 37[32]

 

 

即使明文分组相同,得到的密文也不一样了。

posted @ 2010-06-25 17:57  皮业勇  阅读(1258)  评论(0编辑  收藏  举报