bdes.ps

早期freebsd实现

0.44 (des) 138.1 608 P
0 F
0.44 ( supports the use of special-purpose hardware to encrypt and decrypt. Although) 154.09 608 P
3 F
1.33 (bdes) 72 588 P
0 F
1.33 ( does not directly support the use of such hardware, it uses the library routine ) 93.98 588 P
3 F
1.33 (encrypt) 487.05 588 P
0 F
1.33 (\0503\051,) 523.02 588 P
-0.09 (which may) 72 568 P
-0.09 (. Hardware support was not included directly to support as lar) 124.1 568 P
-0.09 (ge a number of platforms) 419.11 568 P
(as possible with installers needing to know as little about the hardware as possible.) 72 548 T
-0.08 (Sun\325) 108 524 P
-0.08 (s ) 130 524 P
3 F
-0.08 (des) 137.58 524 P
0 F
-0.08 ( supports only the CBC and ECB encryption modes; ) 153.57 524 P
3 F
-0.08 (bdes) 407.07 524 P
0 F
-0.08 ( supports all modes de-) 429.05 524 P
0.26 (scribed in [3] \050although CFB and OFB are not completely supported\051 as well as both CBC-based) 72 504 P
(and CFB-based MACs.) 72 484 T
0.15 (Although input with length not a multiple of the block size is handled in the same way by) 108 460 P
-0.47 (both ) 72 440 P
3 F
-0.47 (des) 95.85 440 P
0 F
-0.47 ( and ) 111.84 440 P
3 F
-0.47 (bdes) 134.21 440 P
0 F
-0.47 (, dif) 156.19 440 P
-0.47 (ferent values of the padding bytes are used in all but the last byte of the input.) 174.82 440 P
(Where ) 72 420 T
3 F
(bdes) 106.96 420 T
0 F
( puts zero bytes, ) 128.94 420 T
3 F
(des) 209.89 420 T
0 F
( puts bytes containing random values. The reason for Sun\325) 225.87 420 T
(s doing) 505.02 420 T
0.47 (so is to prevent a known plaintext attack on the \336le should an
attacker determine that the input\325) 72 400 P
0.47 (s) 535.33 400 P
-0.29 (length were a multiple of the block size. W) 72 380 P
-0.29 (ith ) 276.05 380 P
3 F
-0.29 (bdes) 291.43 380 P
0 F
-0.29 (, the plaintext contents of the last block of input) 313.41 380 P
0.31 (for such a \336le is known \050a block with all bits zero\051. W) 72 360 P
0.31 (ith ) 333.99 360 P
3 F
0.31 (des) 349.96 360 P
0 F
0.31 (, the plaintext contents of that block) 365.95 360 P
0.73 (are not known. Cryptanalytically) 72 340 P
0.73 (, given the information about the strength of the DES currently) 231.29 340 P
0.2 (known, it is widely believed that known plaintext attacks are infeasible
\050see for example [1]\051 and) 72 320 P
1.86 (so initializing and invoking the pseudorandom number generator seems unnecessary) 72 300 P
1.86 (. But this) 492.63 300 P
(means that ciphertexts produced from a plaintext by ) 72 280 T
3 F
(bdes) 324.48 280 T
0 F
( and ) 346.47 280 T
3 F
(des) 369.78 280 T
0 F
( will dif) 385.77 280 T
(fer in the last block.) 423.54 280 T
4 F
(Refer) 72 248 T
(ences) 100.41 248 T
0 F
([1]) 72 224 T
0.37 (D. Denning, \322The Data Encryption Standard: Fifteen Y) 108 224 P
0.37 (ears of Public Scrutiny) 374.87 224 P
0.37 (,\323 ) 484.8 224 P
3 F
0.37 (Pr) 496.49 224 P
0.37 (oceed-) 508.04 224 P
-0.47 (ings of the Sixth Annual Computer Security Applications Confer) 108 204 P
-0.47 (ence) 411.65 204 P
0 F
-0.47 ( pp. x\320xv \050Dec. 1990\051.) 433.62 204 P
([2]) 72 180 T
(A. Konheim, ) 108 180 T
3 F
(Cryptography: A Primer) 173.29 180 T
0 F
(, John W) 291.4 180 T
(iley and Sons, Inc., New Y) 333.9 180 T
(ork, NY \0501981\051.) 461.94 180 T
([3]) 72 156 T
3 F
0.63 (DES Modes of Operation) 108 156 P
0 F
0.63 (, Federal Information Processing Standards Publication 81, Na-) 231.47 156 P
-0.07 (tional Bureau of Standards, U.S. Department of Commerce, W) 108 136 P
-0.07 (ashington, DC \050Dec. 1980\051.) 407.62 136 P
([4]) 72 112 T
3 F
(UNIX User) 108 112 T
(\325) 162.74 112 T
(s Manual) 165.18 112 T
0 F
(, Sun Microsystems Inc., Mountain V) 210.16 112 T
(iew) 390 112 T
(, CA \050Mar) 406.54 112 T
(. 1988\051.) 455.51 112 T
4 F
(Appendix. The UNIX System Manual Page for ) 72 80 T
1 F
(bdes) 313.2 80 T
FMENDPAGE
%%EndPage: "7" 10
1 11 /Times-Bold FMDEFINEFONT
%%Page: "8" 10
612 792 0 FMBEGINPAGE
72 745.99 540 756 R
7 X
0 K
V
72 32.69 540 42.7 R
V
0 F
0 X
(Page 8 of 11) 479.71 34.7 T
72 72 540 720 R
7 X
V
1 F
0 X
(NAME) 72 712.67 T
0 F
(bdes - encrypt/decrypt using the Data Encryption Standard) 108 689 T
1 F
(SYNOPSIS) 72 663.67 T
4 F
(bdes) 108 640 T
0 F
( [) 131.33 640 T
3 F
( ) 138.32 640 T
4 F
(-abdp) 141.32 640 T
0 F
( ] [ ) 171.31 640 T
4 F
(-F) 188.3 640 T
0 F
( ) 199.62 640 T
3 F
(b) 202.62 640 T
0 F
( ] [ ) 208.61 640 T
4 F
(-f) 225.6 640 T
0 F
( ) 233.58 640 T
3 F
(b) 236.58 640 T
0 F
( ] [ ) 242.58 640 T
4 F
(-k) 259.56 640 T
0 F
( ) 270.22 640 T
3 F
(key) 273.22 640 T
0 F
( ] [ ) 289.2 640 T
4 F
(-m) 306.18 640 T
0 F
( ) 320.16 640 T
3 F
(b) 323.16 640 T
0 F
( ] [ ) 329.16 640 T
4 F
(-o) 346.14 640 T
0 F
( ) 356.13 640 T
3 F
(b) 359.13 640 T
0 F
( ] [ ) 365.13 640 T
4 F
(-v) 382.11 640 T
0 F
( ) 392.1 640 T
3 F
(vector) 395.1 640 T
0 F
( ]) 425.07 640 T
1 F
(DESCRIPTION) 72 614.67 T
3 F
-0.69 (Bdes) 108 591 P
0 F
-0.69 ( reads from the standard input and writes on the standard output. It implements all DES) 131.32 591 P
-0.09 (modes of operation described in FIPS PUB 81 including alternative cipher feedback mode) 108 577 P
0.74 (and both authentication modes. All modes but the electronic code book mode require an) 108 563 P
-0.14 (initialization vector; if none is supplied, the zero vector is used. T) 108 549 P
-0.14 (o protect the key and ini-) 420.44 549 P
0.29 (tialization vector from being read by) 108 535 P
3 F
0.29 ( ps) 284.98 535 P
0 F
0.29 (\0501\051, ) 298.94 535 P
3 F
0.29 (bdes ) 319.21 535 P
0 F
0.29 (hides its ar) 344.48 535 P
0.29 (guments on entry) 396.81 535 P
0.29 (. If no ) 479.89 535 P
3 F
0.29 (key ) 512.74 535 P
0 F
0.29 (is) 532 535 P
-0.61 (given, one is requested from the controlling terminal if that can be opened, or from the stan-) 108 521 P
(dard input if not.) 108 507 T
-0.17 (The key and initialization vector are taken as sequences of ) 108 489 P
5 F
-0.14 (ASCII) 389.38 489 P
0 F
-0.17 ( characters which are then) 415.48 489 P
-0.35 (mapped into their bit representations. If either begins with
\3240x\325 or \3240X\325, that one is taken as) 108 475 P
1.02 (a sequence of hexadecimal digits indicating the bit pattern; if either begins with \3240b\325 or) 108 461 P
-0.73 (\3240B\325, that one is taken as a sequence of binary digits
indicating the bit pattern. In either case,) 108 447 P
-0.37 (only the leading 64 bits of the key or initialization vector are used, and if fewer than 64 bits) 108 433 P
0.35 (are provided, enough 0 bits are appended to pad the key to 64 bits. Note that if the key is) 108 419 P
0.03 (not entered on the command line, it is interpreted in the same way) 108 405 P
0.03 (, because with 4.4 BSD,) 424.31 405 P
-0.36 (the password reading function ) 108 391 P
3 F
-0.36 (getpass) 254.45 391 P
0 F
-0.36 (\0503\051 allows enough characters for either hex or binary) 290.43 391 P
(keys to be entered.) 108 377 T
0.04 (According to the DES standard, the low-order bit of each character in the key string is de-) 108 359 P
-0.18 (leted. Since most ) 108 345 P
5 F
-0.15 (ASCII) 192.75 345 P
0 F
-0.18 ( representations set the high-order bit to 0, simply deleting the low-) 218.84 345 P
-0.29 (order bit ef) 108 331 P
-0.29 (fectively reduces the size of the key space from 2) 160.49 331 P
5 F
-0.24 (56) 394.67 335.8 P
0 F
-0.29 ( to 2) 404.67 331 P
5 F
-0.24 (48) 425.41 335.8 P
0 F
-0.29 ( keys. T) 435.4 331 P
-0.29 (o prevent this,) 472.29 331 P
-0.46 (the high-order bit must be a function depending in part upon the low-order bit; so, the high-) 108 317 P
0.11 (order bit is set to whatever value gives odd parity) 108 303 P
0.11 (. This preserves the key space size. Note) 345.05 303 P
(this resetting of the parity bit is ) 108 289 T
3 F
(not) 260.92 289 T
0 F
( done if the key is given in binary or hex.) 276.24 289 T
-0.38 (By default, the standard input is encrypted using cipher block chaining mode and is written) 108 271 P
0.18 (to the standard output. Using the same key for encryption and decryption preserves plain-) 108 257 P
(text, so) 108 243 T
( bdes ) 225.81 225 T
3 F
(key) 253.79 225 T
0 F
( < plaintext | bdes \320i ) 269.77 225 T
3 F
(key) 370.21 225 T
0 F
( ) 386.19 225 T
(is a very expensive equivalent of ) 108 201 T
3 F
(cat) 268.54 201 T
0 F
(\0501\051.) 283.2 201 T
(Options are:) 108 183 T
( ) 108 165 T
4 F
(\320a) 111 165 T
0 F
-0.75 (The key and initialization vector strings are to be taken as ) 144 165 P
5 F
-0.62 (ASCII) 415.89 165 P
0 F
-0.75 ( suppressing the spe-) 441.98 165 P
0.3 (cial interpretation given to leading \3240x\325, \3240X\325, \3240b\325,
and \3240B\325 characters. Note this) 144 151 P
(\337ag applies to ) 144 137 T
3 F
(both) 214.29 137 T
0 F
( the key and initialization vector) 235.62 137 T
(.) 389.85 137 T
4 F
(\320b) 108 119 T
0 F
(Use electronic code book mode.) 144 119 T
4 F
(\320d) 108 101 T
0 F
(Decrypt the input.) 144 101 T
FMENDPAGE
%%EndPage: "8" 11
%%Page: "9" 11
612 792 0 FMBEGINPAGE
72 745.99 540 756 R
7 X
0 K
V
72 32.69 540 42.7 R
V
0 F
0 X
(Page 9 of 11) 479.71 34.7 T
72 72 540 720 R
7 X
V
4 F
0 X
(\320f) 108 712 T
0 F
( ) 117.99 712 T
3 F
(b) 120.99 712 T
0 F
-0.29 (Use ) 144 712 P
3 F
-0.29 (b) 165.36 712 P
0 F
-0.29 (-bit cipher feedback mode. Currently ) 171.35 712 P
3 F
-0.29 (b) 350.42 712 P
0 F
-0.29 ( must be a multiple of 8 between 8 and) 356.42 712 P
(64 inclusive \050this does not conform to the standard CFB mode speci\336cation\051.) 144 698 T
4 F
(\320F) 108 680 T
0 F
( ) 121.32 680 T
3 F
(b) 124.32 680 T
0 F
-0.29 (Use ) 144 680 P
3 F
-0.29 (b) 165.36 680 P
0 F
-0.29 (-bit alternative cipher feedback mode. Currently ) 171.36 680 P
3 F
-0.29 (b) 403.77 680 P
0 F
-0.29 ( must be a multiple of 7 be-) 409.77 680 P
-0.12 (tween 7 and 56 inclusive \050this does not conform to the alternative CFB mode spec-) 144 666 P
(i\336cation\051.) 144 652 T
4 F
(\320k) 108 634 T
0 F
( ) 120.67 634 T
3 F
(key) 123.66 634 T
0 F
0.37 (Use the string ) 144 616 P
3 F
0.37 (key) 214.74 616 P
0 F
0.37 ( as the cryptographic key) 230.72 616 P
0.37 (. If this ar) 352.01 616 P
0.37 (gument is not given, the user) 399.54 616 P
(will be prompted for the key) 144 602 T
(.) 280.12 602 T
4 F
(\320m) 108 584 T
0 F
( ) 123.99 584 T
3 F
(b) 126.99 584 T
0 F
0.71 (Compute a message authentication code \050MAC\051 of ) 144 584 P
3 F
0.71 (b) 395.78 584 P
0 F
0.71 ( bits on the input. ) 401.77 584 P
3 F
0.71 (b) 491.94 584 P
0 F
0.71 ( must be) 497.94 584 P
0.11 (between 1 and 64 inclusive; if ) 144 570 P
3 F
0.11 (b) 291.87 570 P
0 F
0.11 ( is not a multiple of 8, enough 0 bits will be added) 297.86 570 P
-0.44 (to pad the MAC length to the nearest multiple of 8. Only the MAC is output. MACs) 144 556 P
(are only available in cipher block chaining mode or in cipher feedback mode.) 144 542 T
4 F
(\320o) 108 524 T
0 F
( ) 119.99 524 T
3 F
(b) 122.99 524 T
0 F
-0.34 (Use ) 144 524 P
3 F
-0.34 (b) 165.31 524 P
0 F
-0.34 (-bit output feedback mode. Currently ) 171.31 524 P
3 F
-0.34 (b) 350.83 524 P
0 F
-0.34 ( must be a multiple of 8 between 8 and) 356.83 524 P
(64 inclusive \050this does not conform to the OFB mode speci\336cation\051.) 144 510 T
4 F
(\320p) 108 492 T
0 F
-0.14 (Disable the resetting of the parity bit. This \337ag forces the parity bit of the key to be) 144 492 P
0.03 (used as typed, rather than making each character be of odd parity) 144 478 P
0.03 (. It is used only if) 455.91 478 P
(the key is given in ) 144 464 T
5 F
(ASCII) 234.95 464 T
0 F
(.) 261.04 464 T
4 F
(\320v) 108 446 T
0 F
( ) 119.99 446 T
3 F
(vector) 122.99 446 T
0 F
-0.5 (Set the initialization vector to ) 144 428 P
3 F
-0.5 (v) 286.44 428 P
0 F
-0.5 (; the vector is interpreted in the same way as the key) 291.76 428 P
-0.5 (.) 537 428 P
(The vector is ignored in electronic codebook mode.) 144 414 T
-0.55 (The DES is considered a very strong cryptosystem, and other than table lookup attacks, key) 108 396 P
0.24 (search attacks, and Hellman\325) 108 382 P
0.24 (s time-memory tradeof) 246.61 382 P
0.24 (f \050all of which are very expensive and) 356.8 382 P
0.66 (time-consuming\051, no cryptanalytic methods for breaking the DES are known in the open) 108 368 P
0.33 (literature. No doubt the choice of keys and key security are the most vulnerable aspect of) 108 354 P
3 F
(bdes) 108 340 T
0 F
(.) 129.98 340 T
4 F
(IMPLEMENT) 72 314 T
(A) 146.41 314 T
(TION NOTES) 154.18 314 T
0 F
0.57 (For implementors wishing to write software compatible with this program, the following) 108 290 P
-0.23 (notes are provided. This software is completely compatible with the implementation of the) 108 276 P
(data encryption standard distributed by Sun Microsystems, Inc.) 108 262 T
0.11 (In the ECB and CBC modes, plaintext is encrypted in units of 64 bits \0508 bytes, also called) 108 244 P
0.52 (a block\051. T) 108 230 P
0.52 (o ensure that the plaintext \336le is encrypted correctly) 160.49 230 P
0.52 (, ) 413.01 230 P
3 F
0.52 (bdes ) 419.53 230 P
0 F
0.52 (will \050internally\051 ap-) 445.03 230 P
0.29 (pend from 1 to 8 bytes, the last byte containing an integer stating how many bytes of that) 108 216 P
-0.71 (\336nal block are from the plaintext \336le, and encrypt the resulting block. Hence, when decrypt-) 108 202 P
0.27 (ing, the last block may contain from 0 to 7 characters present in the plaintext \336le, and the) 108 188 P
-0.59 (last byte tells how many) 108 174 P
-0.59 (. Note that if during decryption the last byte of the \336le does not con-) 221.46 174 P
0.41 (tain an integer between 0 and 7, either the \336le has been corrupted or an incorrect key has) 108 160 P
0.48 (been given. A similar mechanism is used for the OFB and CFB modes, except that those) 108 146 P
0.26 (simply require the length of the input to be a multiple of the mode size, and the \336nal byte) 108 132 P
-0.73 (contains an integer between 0 and one less than the number of bytes being used as the mode.) 108 118 P
(\050This was another reason that the mode size must be a multiple of 8 for those modes.\051) 108 104 T
FMENDPAGE
%%EndPage: "9" 12
%%Page: "10" 12
612 792 0 FMBEGINPAGE
72 745.99 540 756 R
7 X
0 K
V
72 32.69 540 42.7 R
V
0 F
0 X
(Page 10 of 11) 473.71 34.7 T
72 72 540 720 R
7 X
V
0 X
0.94 (Unlike Sun\325) 108 712 P
0.94 (s implementation, unused bytes of that last block are not \336lled with random) 166.58 712 P
0.57 (data, but instead contain what was in those byte positions in the preceding block. This is) 108 698 P
(quicker and more portable, and does not weaken the encryption signi\336cantly) 108 684 T
(.) 473.95 684 T
0.36 (If the key is entered in ) 108 666 P
5 F
0.3 (ASCII) 220.76 666 P
0 F
0.36 (, the parity bits of the key characters are set so that each key) 246.85 666 P
1.03 (character is of odd parity) 108 652 P
1.03 (. Unlike Sun\325) 231.23 652 P
1.03 (s implementation, it is possible to enter binary or) 296.92 652 P
-0.57 (hexadecimal keys on the command line, and if this is done, the parity bits are ) 108 638 P
3 F
-0.57 (not ) 472.85 638 P
0 F
-0.57 (reset. This) 490.61 638 P
(allows testing using arbitrary bit patterns as keys.) 108 624 T
0.64 (The Sun implementation always uses an initialization vector of 0 \050that is, all zeroes\051. By) 108 606 P
(default, ) 108 592 T
3 F
(bdes ) 147.3 592 T
0 F
(does too, but this may be changed from the command line.) 172.29 592 T
4 F
(FILES) 72 566 T
0 F
(/dev/tty) 108 542 T
(controlling terminal for typed key) 180 542 T
4 F
(SEE ALSO) 72 516 T
3 F
(crypt) 108 492 T
0 F
(\0501\051, ) 132.65 492 T
3 F
(crypt) 152.63 492 T
0 F
(\0503\051) 177.27 492 T
3 F
-0.4 (Data Encryption Standar) 108 474 P
-0.4 (d) 228.02 474 P
0 F
-0.4 (, Federal Information Processing Standard #46, National Bureau) 234.02 474 P
(of Standards, U.S. Department of Commerce, W) 108 460 T
(ashington DC \050Jan. 1977\