CS 69011 Information Processing Laboratory, Spring 2003

CS 69011 Information Processing Laboratory, Autumn 2003

Assignment 2: Implementation of DES

Objective

This assignment instructs the students:

How to implement well-specified algorithms.
How to build (static) function libraries from object modules.
How to call library fuctions from application programs.
How to write Makefiles.

What is DES?

Data Encryption Standard (DES) is a standard encryption algorithm proposed by the US Department of Commerce. DES and its several variants are now widely used for asymmetric encryption.

Suppose that Alice wants to send a message M to Bob using a communication channel, where a third party (Carol) can intercept others' messages. In order to make the message M inaccessible to Carol, Alice transforms M to C = E(M,K) and sends the resulting ciphertext C to Bob. Bob upon receiving C retrieves the plaintext M = D(C,K). The function E is called the encryption function and D the decryption function. They use a key K which introduces the desired privacy in the scheme. Alice and Bob both know K and can encrypt and decrypt, whereas Carol (or Dorothy or Emily) without the knowledge of k cannot make out M even if she obtains C by intercepting the communication channel.

There are several ways in which the (matching) functions E and D can be designed. DES is one popular building block for encryption. Alice first breaks up her secret message M into blocks of 64 bits and encrypts each block using the DES primitive and a secret key K known to Alice and Bob only.

A complete specification of DES is available as a FIPS document at the site: http://www.itl.nist.gov/fipspubs/fip46-2.htm. There are variants of this basic DES scheme, like 2-DES, 3-DES and DESX. In order to encrypt multiple blocks, one typically uses a feedback loop known as cipher block chaining (CBC). In order to know more about the DES variants and the CBC mode of operation, we refer the reader to the book by Menezes, van Oorschot and Vanstone: Handbook of Applied Cryptography (HAC), Chapter 7 (Block Ciphers). We will also distribute sample pages from books in the class.

What to do?

Part 1: Implement the encryption and decryption routines for DES, 2-DES, 3-DES.
Part 2: Implement the CBC modes of operation of the three DES primiives of Part 1.
Part 3: Encrypt English paragraphs by DES, send to your friend and let your friend decrypt your ciphertext. Note that in this context you are your friend's friend.
Part 4: Implement differential cryptanalysis for DES.

How to do?

Use the following step-by-step development:

Write the following pairs of header/source files:

DES.h      DES.c       Basic DES encryption/decryption
2DES.h     2DES.c      2-DES encryption/decryption
3DES.h     3DES.c      3-DES encryption/decryption
DESCBC.h   DESCBC.c    CBC mode of operation for (basic) DES
2DESCBC.h  2DESCBC.c   CBC mode of operation for 2-DES
3DESCBC.h  3DESCBC.c   CBC mode of operation for 3-DES

Write a Makefile that compiles the sources to generate object modules and subsequently archives the object modules to a static library libDES.a. In order to generate object files from a main()-less source use gcc -c and for archiving use ar followed by ranlib. Your Makefile should automatically do all these things. Note that you don't have to specify -c in a Makefile.
Write the text encrypt/decrypt application using the header files. While compiling, link the static library created.
In order to encrypt long English paragraphs break the paragraphs in blocks of eight characters. Encode each block in 64 bits. You may exploit the ASCII encoding of characters for this purpose. Finally use the CBC mode for encrypting the sequence of 64 bit encoded blocks. The CBC mode of operation requires an IV (initialization vector) that can be generated randomly.
Your application program should also produce 64-bit blocks of ciphertext, decrypt each block under the CBC mode and decode each decrypted block to retrieve the English paragraph. The matching IV should be used during decryption.
Assuming that the header files reside in /home/username/infoLab/include, your application program should have the following #include directives:
```
#include "/home/username/infoLab/include/DES.h"
#include "/home/username/infoLab/include/2DES.h"
#include "/home/username/infoLab/include/3DES.h"
#include "/home/username/infoLab/include/DESCBC.h"
#include "/home/username/infoLab/include/2DESCBC.h"
#include "/home/username/infoLab/include/3DESCBC.h"
```
Also suppose that your static library (libDES.a) resides in the directory /home/username/infoLab/lib. Linking during compilation can be effected by:
```
gcc myApplication.c -L/home/username/infoLab/lib -lDES
```
#include and the -L option also accept relative path names.
Write the differential cryptanalysis routine.

Downloaded documents

[Lab home] [My home]