📄 bdes.ps

📁 早期freebsd实现
💻 PS
📖 第 1 页 / 共 5 页
字号:
(6e) 198 324 T(57) 225 324 T(9c) 252 324 T(8f) 279 324 T(27) 306 324 T(5d) 333 324 T0 F-0.31 (Finally) 108 304 P-0.31 (, if the length of the message is indeed a multiple of the block size, an extra block of) 141.21 304 P0.83 (all 0 bits is added. Suppose ) 72 284 P7 F1.99 (inputf) 210.57 284 P1.99 (ile) 253.74 284 P0 F0.83 ( contains \322) 275.33 284 P6 F1.99 (test) 328.28 284 P9 F0.83 (\277) 357.07 284 P0 F0.83 (\323, and it is encrypted in 40-bit CFB) 364.96 284 P1.51 (mode using the key \322) 72 264 P6 F3.62 (abcdef#@) 179.96 264 P0 F1.51 (\323 and the initialization vector ) 237.53 264 P6 F3.62 (0x0123456789abcdef) 387.97 264 P0 F1.51 (; the) 517.5 264 P(command is) 72 244 T6 F-0.99 (bdes -f40 -v0x0123456789abcdef -kabcdef#@ < ) 72 220 P7 F-0.99 (inputf) 383.67 220 P-0.99 (ile) 426.85 220 P6 F-0.99 ( > ) 448.43 220 P7 F-0.99 (outputf) 468.04 220 P-0.99 (ile) 518.41 220 P0 F0.16 (because the option ) 72 196 P4 F0.16 (\320f40 ) 164.75 196 P0 F0.16 (signi\336es 40-bit CFB mode, and ) 189.89 196 P4 F0.16 (-v0x01234566789abcdef) 343.96 196 P0 F0.16 ( sets the initial-) 465.89 196 P(ization vector \050note that spaces between the option and its ar) 72 176 T(gument are optional\051:) 361.57 176 T(text) 72 152 T6 F(t) 144 152 T(e) 171 152 T(s) 198 152 T(t) 225 152 T9 F(\277) 252 152 T0 F(hex) 72 132 T10 F(74) 144 132 T(65) 171 132 T(73) 198 132 T(74) 225 132 T(0a) 252 132 T0 F(input) 72 112 T10 F(74) 144 112 T(65) 171 112 T(73) 198 112 T(74) 225 112 T(0a) 252 112 T(00) 279 112 T(00) 306 112 T(00) 333 112 T(00) 360 112 T(00) 387 112 T0 F(output) 72 92 T10 F(e2) 144 92 T(c2) 171 92 T(69) 198 92 T(a4) 225 92 T(5b) 252 92 T(3c) 279 92 T(3d) 306 92 T(b3) 333 92 T(f5) 360 92 T(3c) 387 92 TFMENDPAGE%%EndPage: "4" 71 12 /Times-BoldItalic FMDEFINEFONT2 14 /Symbol FMDEFINEFONT%%Page: "5" 7612 792 0 FMBEGINPAGE72 745.99 540 756 R7 X0 KV72 32.69 540 42.7 RV0 F0 X(Page 5 of 11) 479.71 34.7 T72 72 540 720 R7 XV0 X(Note here the block size is 40 bits \0505 bytes\051, not 64 bits \0508 bytes\051.) 108 712 T-0.4 (This technique allows complete compatibility with Sun\325) 108 688 P-0.4 (s ) 374.11 688 P3 F-0.4 (des) 381.37 688 P0 F-0.4 ( program. In Sun\325) 397.36 688 P-0.4 (s implemen-) 480.77 688 P0.02 (tation, padding is done with random bytes rather than bytes containing all zero bits. Cryptograph-) 72 668 P0.85 (ically) 72 648 P0.85 (, this makes no dif) 97.87 648 P0.85 (ference, as the DES is a suf) 189.32 648 P0.85 (\336ciently good random cipher to obscure the) 325.74 648 P(input \050see for example [2], Chapter 6\051, and known plaintext attacks are very dif) 72 628 T(\336cult [1].) 451.82 628 T4 F(5. Differ) 72 596 T(ences Between the Standard CFB and OFB Modes and ) 114.41 596 T1 F(bdes) 397.26 596 T0 F-0.11 (The UNIX operating system treats all \336les as streams of 8-bit bytes. In order to implement) 108 572 P-0.08 (the CFB and OFB modes properly) 72 552 P-0.08 (, it would be necessary to read ) 235.74 552 P3 F-0.08 (k) 383.74 552 P0 F-0.08 ( bits from the \336le, where ) 389.07 552 P3 F-0.08 (k) 509.51 552 P0 F-0.08 ( is an) 514.84 552 P0.98 (integer between 1 and 64 inclusive. However) 72 532 P0.98 (, this would require considerable buf) 294.22 532 P0.98 (fering and be) 474.77 532 P0.23 (quite inef) 72 512 P0.23 (\336cient and prohibitively slow) 117.65 512 P0.23 (. For these reasons, the current implementation of ) 258.48 512 P3 F0.23 (bdes) 501.48 512 P0 F0.23 ( re-) 523.46 512 P0.47 (quires that ) 72 492 P3 F0.47 (k) 126.23 492 P0 F0.47 ( be a multiple of 8, so that an integral number of bytes will always be read from the) 131.56 492 P(\336le. Other than this change, this mode is implemented as described in [3].) 72 472 T-0.58 (A similar observation holds for the alternate CFB mode described in [3]. Here, only the low) 108 448 P0.23 (7 bits of each byte are signi\336cant, and hence the parameter ) 72 428 P3 F0.23 (k) 358.95 428 P0 F0.23 ( is an integer from 1 to 56 inclusive;) 364.28 428 P(bdes requires k to be a multiple of 7. The high-order bit is retained for encryption and decryption,) 72 408 T(but output \050whether from encryption or decryption\051 always has the high-order bit set to zero.) 72 388 T4 F(6. Message Authentication Code Modes) 72 356 T0 F0.57 (The Data Encryption Standard provides two modes of authentication, each providing be-) 108 332 P1.27 (tween 1 and 64 bits of authentication data. In both cases an ) 72 312 P3 F1.27 (n) 373.32 312 P0 F1.27 (-bit message authentication code) 379.32 312 P0.62 (\050MAC\051 is generated, where 1) 72 292 P2 F0.73 ( ) 214.71 292 P9 F0.62 (\243) 218.94 292 P0 F0.62 ( ) 225.52 292 P3 F0.62 (n) 229.15 292 P0 F0.62 ( ) 235.14 292 P9 F0.62 (\243) 238.76 292 P0 F0.62 ( 64. The \336rst is based on the CBC encryption mode, and the) 245.35 292 P(second on CFB mode. Both work the same.) 72 272 T0.13 (First, the \336le is padded to a multiple of the block size by appending enough zero bits. It is) 108 248 P-0.16 (then encrypted using the standard CBC \050or CFB\051 algorithm, butall encrypted text is discarded ex-) 72 228 P-0.44 (cept for the last block. The ) 72 208 P3 F-0.44 (n) 200.9 208 P0 F-0.44 ( leading bits of the last block are used as the MAC. Note that the block) 206.9 208 P(size constrains the number of bits available as the MAC.) 72 188 T0.71 (The implementation allows the user to specify that the MAC is to be computed in either) 108 164 P-0.01 (CBC or CFB mode, and the user can specify any number of bits from 1 to 64 inclusive. However) 72 144 P-0.01 (,) 537 144 P-0.11 (because the UNIX operating system can only output bits in multiples of 8, if the number of bits of) 72 124 P-0.08 (MAC is not a multiple of 8, the MAC will be right-padded with the minimum number of zero bits) 72 104 P-0.31 (necessary to make the MAC length be a multiple of 8. However) 72 84 P-0.31 (, note that as the standard \050[3], Ap-) 374.6 84 PFMENDPAGE%%EndPage: "5" 8%%Page: "6" 8612 792 0 FMBEGINPAGE72 745.99 540 756 R7 X0 KV72 32.69 540 42.7 RV0 F0 X(Page 6 of 11) 479.71 34.7 T72 72 540 720 R7 XV0 X-0.14 (pendix F\051 requires an incomplete \336nal block be right-padded withzeroes, the technique of forcing) 72 712 P(the last octet to contain the number of bytes in the message is ) 72 692 T3 F(not) 369.47 692 T0 F( used here.) 384.8 692 T-0.39 (For example, suppose ) 108 668 P7 F-0.94 (inputf) 214.76 668 P-0.94 (ile) 257.93 668 P0 F-0.39 ( contains \322) 279.52 668 P6 F-0.94 (This) 330.04 668 P8 F-0.43 (z) 358.82 668 P6 F-0.94 (is) 363.8 668 P8 F-0.43 (z) 378.19 668 P6 F-0.94 (a) 383.17 668 P8 F-0.43 (z) 390.36 668 P6 F-0.94 (test) 395.34 668 P9 F-0.39 (\277) 424.13 668 P0 F-0.39 (\323, and a 64-bit MAC is) 432.02 668 P-0.73 (to be generated using CBC mode, the key \322) 72 648 P6 F-1.74 (abcdef#@) 274.39 648 P0 F-0.73 (\323 and the initialization vector ) 331.96 648 P6 F-1.74 (0x0) 471.23 648 P0 F-0.73 (; the com-) 492.82 648 P(mand is) 72 628 T6 F(bdes -m 64 -k abcdef#@ < ) 136.89 604 T7 F(inputf) 316.79 604 T(ile) 359.97 604 T6 F( > ) 381.56 604 T7 F(outputf) 403.15 604 T(ile) 453.52 604 T0 F(as CBC is the default encryption mode and ) 72 580 T6 F(0x0) 281.2 580 T0 F( the default initialization vector:) 302.79 580 T(text) 72 556 T6 F(T) 117 556 T(h) 144 556 T(i) 171 556 T(s) 198 556 T8 F(z) 225 556 T6 F(i) 252 556 T(s) 279 556 T8 F(z) 306 556 T6 F(a) 333 556 T8 F(z) 360 556 T6 F(t) 387 556 T(e) 414 556 T(s) 441 556 T(t) 468 556 T9 F(\277) 495 556 T0 F(hex) 72 536 T10 F(54) 117 536 T(68) 144 536 T(69) 171 536 T(73) 198 536 T(20) 225 536 T(69) 252 536 T(73) 279 536 T(20) 306 536 T(61) 333 536 T(20) 360 536 T(74) 387 536 T(65) 414 536 T(73) 441 536 T(74) 468 536 T(0a) 495 536 T0 F(input) 72 516 T10 F(54) 117 516 T(68) 144 516 T(69) 171 516 T(73) 198 516 T(20) 225 516 T(69) 252 516 T(73) 279 516 T(20) 306 516 T(61) 333 516 T(20) 360 516 T(74) 387 516 T(65) 414 516 T(73) 441 516 T(74) 468 516 T(0a) 495 516 T(00) 522 516 T0 F(output) 72 496 T10 F(43) 117 496 T(18) 144 496 T(de) 171 496 T(74) 198 496 T(24) 225 496 T(a9) 252 496 T(65) 279 496 T(d1) 306 496 T0 F0.04 (Notice that the text is 15 characters long, so there are 7 bytes following the last full block.) 108 476 P3 F(Bdes) 72 456 T0 F( pads this to a full block by appending a zero-\336lled byte. The result is then encrypted and the) 95.32 456 T(last block of output is used as the MAC.) 72 436 T0.06 (As another example, suppose we used the same text, and wanted a 36-bit MAC to be gen-) 108 412 P6.91 (erated using 40-bit CFB mode, the key \322) 72 392 P6 F16.58 (abcdef#@) 314.9 392 P0 F6.91 (\323 and the initialization vector) 372.47 392 P6 F(0x0123456789abcdef) 72 372 T0 F(; the command is) 201.53 372 T6 F(bdes -m 36 -f 40 -v 0x0123456789abcdef < ) 79.32 348 T7 F(inputf) 374.36 348 T(ile) 417.54 348 T6 F( > ) 439.13 348 T7 F(outputf) 460.71 348 T(ile) 511.09 348 T0 F-0.19 (where ) 72 324 P4 F-0.19 (\320m 36) 104.11 324 P0 F-0.19 ( is the option to generate a 36-bit MAC, ) 134.91 324 P4 F-0.19 (\320f 40) 327.79 324 P0 F-0.19 ( indicates 40-bit CFB is to be used, and) 352.58 324 P4 F-0.31 (\320v 0x123456789abcdef) 72 304 P0 F-0.31 ( sets the initialization vector) 186.62 304 P-0.31 (. Note that, as the key is not given on the com-) 319.95 304 P(mand line, the user will be prompted for it. It gives:) 72 284 T(text) 72 260 T6 F(T) 117 260 T(h) 144 260 T(i) 171 260 T(s) 198 260 T8 F(z) 225 260 T6 F(i) 252 260 T(s) 279 260 T8 F(z) 306 260 T6 F(a) 333 260 T8 F(z) 360 260 T6 F(t) 387 260 T(e) 414 260 T(s) 441 260 T(t) 468 260 T9 F(\277) 495 260 T0 F(hex) 72 240 T10 F(54) 117 240 T(68) 144 240 T(69) 171 240 T(73) 198 240 T(20) 225 240 T(69) 252 240 T(73) 279 240 T(20) 306 240 T(61) 333 240 T(20) 360 240 T(74) 387 240 T(65) 414 240 T(73) 441 240 T(74) 468 240 T(0a) 495 240 T0 F(input) 72 220 T10 F(54) 117 220 T(68) 144 220 T(69) 171 220 T(73) 198 220 T(20) 225 220 T(69) 252 220 T(73) 279 220 T(20) 306 220 T(61) 333 220 T(20) 360 220 T(74) 387 220 T(65) 414 220 T(73) 441 220 T(74) 468 220 T(0a) 495 220 T0 F(output) 72 200 T10 F(2b) 117 200 T(18) 144 200 T(68) 171 200 T(2d) 198 200 T(60) 225 200 T0 F0.19 (Note that the MAC is padded on the right by four zero bits to produce \336ve characters that) 108 180 P(can be output.) 72 160 T4 F(7. Differ) 72 128 T(ences Between ) 114.41 128 T1 F(bdes) 191.01 128 T4 F( and Sun\325) 212.99 128 T(s DES Implementation) 261.88 128 T0 F0.02 (The program ) 108 104 P3 F0.02 (bdes) 173.33 104 P0 F0.02 ( is designed to be completely compatible with Sun Microsystems, Inc.\325) 195.31 104 P0.02 (s) 535.33 104 P0.57 (implementation of the Data Encryption Standard, called ) 72 84 P3 F0.57 (des) 347.14 84 P0 F0.57 ( and described in [4]. Thus, \336les en-) 363.13 84 PFMENDPAGE%%EndPage: "6" 9%%Page: "7" 9612 792 0 FMBEGINPAGE72 745.99 540 756 R7 X0 KV72 32.69 540 42.7 RV0 F0 X(Page 7 of 11) 479.71 34.7 T72 72 540 720 R7 XV0 X0.44 (crypted using ) 72 712 P3 F0.44 (des) 140.84 712 P0 F0.44 ( can be decrypted using ) 156.83 712 P3 F0.44 (bdes) 275.29 712 P0 F0.44 (, and vice versa, provided modes common to both) 297.27 712 P-0.34 (are used. However) 72 692 P-0.34 (, ) 160.41 692 P3 F-0.34 (bdes) 166.06 692 P0 F-0.34 ( does not allow \336les to be named on the command line, nor does it support) 188.05 692 P-0.68 (hardware devices \050and so the ) 72 672 P4 F-0.68 (-s) 210.83 672 P0 F-0.68 ( and ) 219.49 672 P4 F-0.68 (-f) 241.45 672 P0 F-0.68 ( options of Sun\325) 249.44 672 P-0.68 (s ) 323.71 672 P3 F-0.68 (des) 330.7 672 P0 F-0.68 ( are not available\051. Further) 346.69 672 P-0.68 (, as encryption) 471.07 672 P-0.05 (is the default, the Sun ) 72 652 P3 F-0.05 (des) 179.01 652 P0 F-0.05 ( ) 195 652 P4 F-0.05 (-e) 197.95 652 P0 F-0.05 ( option is not recognized. As the manual page to ) 207.27 652 P3 F-0.05 (bdes) 441.6 652 P0 F-0.05 ( is in the appen-) 463.59 652 P(dix, these dif) 72 632 T(ferences will not be elaborated upon further) 134.08 632 T(.) 343.24 632 T0.44 (Sun\325) 108 608 P0.44 (s ) 130 608 P3 F
⌨️ 快捷键说明

复制代码 Ctrl + C
搜索代码 Ctrl + F
全屏模式 F11
切换主题 Ctrl + Shift + D
显示快捷键 ?
增大字号 Ctrl + =
减小字号 Ctrl + -