JanetTerra
Oct 25, 2006
= ==Cryptography with Liberty Basic= ==102: Classical Cryptography: DES====By==By Onur Alver(CryptoMan)== [[user:CryptoMan]](//CryptoMan//)== ---- ==INTRODUCTION== [[toc]] We will continue in our series of articles about Cryptography from where we left of at our [[CryptographyWithLB101|first article.]] We have talked about the basics of cryptography and historical cryptography which still influences modern cryptography. You can see these simple and seemingly complex ideas are finding their way into various articles, code snippets and sample code as 'good’ or ‘sufficient’ cryptography. Unfortunately, such simple methods may serve as good entertainment but not are really cryptography. So, let’s continue our study of cryptography and understand what is good cryptography.==INTRODUCTION==In our first article we have focused on **[[CryptographyWithLB101#SubstitutionCipher|substitution]]** technique. Remember that **//substitution//** technique is a system where the letters of plaintext (unciphered data) are replaced by other letters or numbers or symbols. This is like substituting X for A, K for B, etc. XORing plaintext with another character effectively moves the alphabet by as many characters of the ASCII value of the character it is **[[CryptographyWithLB101#XOR|XOR’ed]]** with.We will continue in our series of articles about Cryptography from where we left of at our first article. We have talked about the basics of cryptography and historical cryptography which has still some influences today. You can see those simple and seemingly complex ideas is finding their way into various articles, code snippets or sample code as ‘good’ or ‘sufficient’ cryptography. Unfortunately, those things are only good entertainment but not really cryptography. So,Now, let’s continueour study of cryptography and understand what is good cryptography. In our first article we have focused on **substitution** technique. Remember that substitution technique is a system where the letters of plaintext (unciphered data) replaced by other letters or numbers or symbols. This is like substituting X for A, K for B, etc. or XORing plaintextwithanother character which is effectively movingthealphabet by as many characters of the ASCII value of the character it is XOR’ed with. Now, let’s continue with **transposition**.**transposition** technique.==TRANSPOSITION== Transposition is changing the position of letters in a predetermined way. For example you can divide the text into two halves by taking every other character as shown below:---- [[#TranspositionCyper]] ==TRANSPOSITION=={{**PLAINTEXT**: ATTACKENEMYONAUGUST22AT 330GMT --> LEFT : ATCEEYNUUT2T30M ---> --> RIGHT: TAKNMOAGS2A03GT ---> **TRANSPOSED**:ATCEEYNUUT2T30MTAKNMOAGS2A03GT}} Ofcourse, you can invent more complex division schemes than the simple example given above and what you usually do after transposition**Transposition** ispasschanging theresultant transposed text from a numberposition ofsubstitution functions which will translate characters into other charactersletters in a predeterminedschedule. Onway. For example, you can divide thefollowing example in Liberty Basic we will first use the above simple transposition followedtext into two halves bya polyalphabetic substitution.taking every other character and assigning that character to left half or right half as shown below: [[code]]REM TRANSPOSITION + SUBSTITUTION EXAMPLE REM FIRST TRANSPOSED THEN POLYALPHABETICALLY SUBSTITUTED REM AND EVERYTHING DONE IN REVERSE TO OBTAIN ORIGINAL MESSAGE.PLAINTEXT: ATTACKENEMYONAUGUST22AT 330GMT LEFT : ATCEEYNUUT2T30M RIGHT: TAKNMOAGS2A03GT TRANSPOSED:ATCEEYNUUT2T30MTAKNMOAGS2A03GT [[code]]POLYDEPTH=5:DIM CRYPTKEY$(POLYDEPTH) PLAINKEY$= "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ:. " CRYPTKEY$(1)="LNOP4KQ6RSTFVEWZ:M.01X2H3G5A789BY CUDIJ" CRYPTKEY$(2)="4KQ6RSTFVEWL7IJ89BYCU DNOPZ:M.01X2H3G5A" CRYPTKEY$(3)="59B YCUDIJLA78NOP4KQ6RSTFVEWZ:M.01X2H3G" CRYPTKEY$(4)="VEWZ:M.01X2H3LNOP4KQ6RSTFG5A789BY CUDIJ" CRYPTKEY$(5)="4KQL7IJ89BYCU DNO6RSTFVEWPZ:M.01X2H3G5A" PLAINTEXT$="ATTACK AT 23:45 25 JUNE 2001"Of course, you can invent more complex division schemes than the simple example given above. What is usually done after transposition is to pass the resultant transposed text from a number of substitution functions which will translate characters into other characters following a predetermined schedule. The following example, coded in **[[http://www.libertybasic.com|Liberty Basic]]** language, uses the simple **{{left - right transposition}}** followed by a **{{polyalphabetic}}** substitution.TRANSPOSEDTEXT$="" LEFTSIDE$="" RIGHTSIDE$=""----FOR[[code format="vb"]] REM TRANSPOSITION + SUBSTITUTION EXAMPLE REM FIRST TRANSPOSED THEN POLYALPHABETICALLY SUBSTITUTED REM AND EVERYTHING DONE IN REVERSE TO OBTAIN ORIGINAL MESSAGE. POLYDEPTH=5:DIM CRYPTKEY$(POLYDEPTH) PLAINKEY$= "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ:. " CRYPTKEY$(1)="LNOP4KQ6RSTFVEWZ:M.01X2H3G5A789BY CUDIJ" CRYPTKEY$(2)="4KQ6RSTFVEWL7IJ89BYCU DNOPZ:M.01X2H3G5A" CRYPTKEY$(3)="59B YCUDIJLA78NOP4KQ6RSTFVEWZ:M.01X2H3G" CRYPTKEY$(4)="VEWZ:M.01X2H3LNOP4KQ6RSTFG5A789BY CUDIJ" CRYPTKEY$(5)="4KQL7IJ89BYCU DNO6RSTFVEWPZ:M.01X2H3G5A" PLAINTEXT$="ATTACK AT 23:45 25 JUNE 2001" TRANSPOSEDTEXT$="" LEFTSIDE$="" RIGHTSIDE$="" FOR I=1 TO INT(LEN(PLAINTEXT$)) STEP 2LEFTSIDE$LEFTSIDE$ =LEFTSIDE$+MID$(PLAINTEXT$,I,1)RIGHTSIDE$=RIGHTSIDE$+MID$(PLAINTEXT$,I+1,1) NEXTRIGHTSIDE$=RIGHTSIDE$+MID$(PLAINTEXT$,I+1,1) NEXT ITRANSPOSEDTEXT$=LEFTSIDE$+RIGHTSIDE$ CIPHERTEXT$="" FORTRANSPOSEDTEXT$=LEFTSIDE$+RIGHTSIDE$ CIPHERTEXT$="" FOR I=1 TO LEN(TRANSPOSEDTEXT$)FORFOR J=1 TO LEN(PLAINKEY$)CurrentChar$=UPPER$(MID$(TRANSPOSEDTEXT$,I,1)) CurrentPos$CurrentChar$=UPPER$(MID$(TRANSPOSEDTEXT$,I,1)) CurrentPos$ =MID$(PLAINKEY$,J,1)IFIF CurrentChar$=CurrentPos$ THENCIPHERTEXT$CIPHERTEXT$ = CIPHERTEXT$ + MID$( CRYPTKEY$( (I MOD POLYDEPTH)+1), J, 1)EXITEXIT FORENDEND IFNEXTNEXT JNEXTNEXT IDECIPHEREDTEXT$="" FORDECIPHEREDTEXT$="" FOR I=1 TO LEN(CIPHERTEXT$)FORFOR J=1 TO LEN(CRYPTKEY$(1))CurrentChar$=UPPER$(MID$(CIPHERTEXT$,I,1)) CurrentPos$CurrentChar$=UPPER$(MID$(CIPHERTEXT$,I,1)) CurrentPos$ =MID$(CRYPTKEY$( (I MOD POLYDEPTH)+1),J,1)IFIF CurrentChar$=CurrentPos$ THENDECIPHEREDTEXT$DECIPHEREDTEXT$ = DECIPHEREDTEXT$ + MID$( PLAINKEY$, J, 1)EXITEXIT FORENDEND IFNEXTNEXT JNEXTNEXT I‘AT‘AT THIS STAGE WHAT IS DECIPHERED IS TRANSPOSED TEXT‘TO‘TO FIND CLEARTEXT WE MUST UN-TRANSPOSE ITSKIP=INT(LEN(PLAINTEXT$)/2) CLR$="" FORSKIP=INT(LEN(PLAINTEXT$)/2) CLR$="" FOR I=1 TO SKIPCLR$=CLR$+MID$(DECIPHEREDTEXT$,I,1)+MID$(DECIPHEREDTEXT$,SKIP+I,1) NEXTCLR$=CLR$+MID$(DECIPHEREDTEXT$,I,1)+MID$(DECIPHEREDTEXT$,SKIP+I,1) NEXT Iresult of theexecution of this codeis:results in: [[code]] PLAINTEXT :ATTACKTEXT.....:ATTACK AT 23:45 25 JUNE 2001TRANSPOSEDTRANSPOSED TEXT:ATC T2:52 UE20TAKA 34 5JN 01CIPHER TEXT :W:3A8QHMQJ0NW48W62APRGMSHA5E DECIPHERED :ATTACKCIPHER TEXT....:W:3A8QHMQJ0NW48W62APRGMSHA5E DECIPHERED.....:ATTACK AT 23:45 25 JUNE 2001 [[code]] So, you must be getting the idea by now. By creating more complex **transposition** and **substitution** formulas you can build very good crypto systems. The key idea is that your formula and design must be **{{public}}** so everyone can build the necessary software according to **//your//** algorithm. This allows others to test, analyze and critique your encryption to identify weaknesses and suggest improvements. What must be **{{secret}}** is the **//KEY//** to your encryption.So, you must be getting the idea by now. By creating more complex transposition and substitution formulas you can build very good crypto systems. The key idea is that your formula and design must be public so everyone can build the necessary software according to your algorithm, test, analyze and critize it for possible weaknesses and suggest improvements. What must be secret is the KEY to your encryption. ==ENCRYPTION---- [[#EncryptionKey]] ==ENCRYPTION KEY==As a good physical key, an encryption key should be unique and should only open a specific lock or in our case decrypt the cipher text. This software equivalent of a physical key is a string of bits, say 64 bits. This to say a chain of ones and zeroes like this:As a good physical key, the encryption key should be unique and should only open a specific lock or, in our case, decrypt the cipher text. This software equivalent of a physical key is a string of bits, say 64 bits.This to say a chain of ones and zeroes like this: 1100011110010110000010111110000100001111111100110000010101101110And youYou can visualizeonesthe **{{ones}}** as the teeth andzeroesthe **{{zeroes}}** as the rod of the key.These ones and zeroes will instruct into our algorithm how we want to transpose and substitute each bit on our data instead of making a simple schedule of take every other character apart. What you do instead, you take a block of data, usually 8 bytes, convert it into 64 bits and according to a complex schedule as instructed by ones and zeroes in your key mix all the bits successively with several iterations in such a way that at the end nobody should be able to form the original 64 bit order by looking at it or working at it without knowing the key.[[code]] ______ [__ ]1100011110010110000010111110000100001111111100110000010101101110 [ ( ) ]||---||||--|-||-----|-|||||----|----||||||||--||-----|-|-||-|||- [ (__) ]|| |||| | || | ||||| | |||||||| || | | || ||| [______] [[code]]TheThese **{{ones}}** and **{{zeroes}}** will instruct our algorithm how we want to **//transpose//** and **//substitute//** each bit on our data. This is done instead of making a simple schedule of taking every other character apart. To explain more fully, you take a block of data, usually 8 bytes, convert it into 64 bits and according to the complex schedule (as instructed by ones and zeroes in your key), mix all the bits successively with several iterations in such a way that at the end nobody should be able to form the original 64 bit order by looking at it or working at it without actually knowing the key. The more bits you have in your key the more complex itgets.becomes. The idea is to make it so complex and costly in computer time and effort that it must be unfeasible to findit atthe solution in a reasonable timeframe, that reasonable timelikeframe being a few hours, days, weeks or years.NumberThe number of bits in the key is known as the **//key length//** . However, you must not confuse the keylength.lengths of block ciphers like **[[http://en.wikipedia.org/wiki/Data_Encryption_Standard|DES]]**, **[[http://en.wikipedia.org/wiki/3DES|3DES]]**, **[[http://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm|IDEA]]** or **[[http://en.wikipedia.org/wiki/Advanced_Encryption_Standard|AES]]** with public key ciphers like **[[http://en.wikipedia.org/wiki/RSA|RSA]]**, **[[http://www.rsasecurity.com/rsalabs/node.asp?id=2248|Diffie - Helman,]]** etc. A 128 bit **3DES** ( **Triple DES** ) key has equivalent strength to the 2048 bit **RSA** key. So, if someone claims that he has a super 512 bit cipher based on state of the **RSA** which admittedly is much better than strong 128 bit ciphers, you should take this as an entertainment. This is like comparing apples and oranges. Key size should be considered in the context of algorithm. As a general rule, 112 bit to 256 bit block ciphers can be considered fairly strong and unbreakable. Number theoric public key alogrithms like **RSA** must have 1024 or more bits. In fact for public key lengths, estimated secure key lengths are given by years. Currently it must be equal to or more than 1024 bits. By the year 2010, you should raise that standard to 2048 bits and beyond. We will discuss **public key cryptography** and **RSA** in the next article.However, you must not confuse the key lengths of block ciphers like DES, 3DES, IDEA or AES with public key ciphers like RSA, Diffie Helman, etc. 128 bit 3DES ( Triple DES ) has equivalent strength to 2048 bit RSA. So, if someone claims that he has a super 512 bit cipher based on state of the RSA which is much better than strong 128 bit ciphers, you should take this as an entertainment. This is like comparing apples and oranges. Key size should be considered in the context of algorithm. As a general rule 112 bit to 256 bit block ciphers can be considered pretty strong and unbreakable. Number theoric public key alogrithms like RSA must have 1024 or more bits. In fact for public key lengths, estimated secure key lengths are given by years. Currently it must be equal to or more than 1024 bits but by year 2010 you should raise it to 2048 bits and beyond. We will discuss public key cryptography and RSA on the next article.---- [[#DESCryption]] ==DES : DATA ENCRYPTION STANDARD== The most widely used encryption system in the world is **DES: Data Encryption Standard.** The DES system was adopted by the U.S. government as the standard for encryption in 1977. **DES** was designed by **IBM** engineers in 1973, in response to a call from the US government requesting an encryption system for all unclasssified government data. The **DES** system is based on an earlier cipher system called **[[http://en.wikipedia.org/wiki/Lucifer_%28cipher%29|LUCIFER]]** and was the only system acceptable by the **[[http://en.wikipedia.org/wiki/Nsa|US National Security Agency (NSA).]]** Originally designed as a 128-bit system, it was reduced to 56-bits following the advice of **NSA.** There has been significant controversy over this reduction which **NSA** claims that was made due to hardware design limitations. Oppenents say this significantly reduced the strength of the algorithm to a level so that any encryption can be easily broken by **NSA**. Nevertheless, **DES** has been widely adopted by many sectors, chiefly the financial sector which has decided to use it for the protection of **{{PIN}}** numbers on ATMs and EFT/POS terminals. **DES** is also used for encrypting sensitive data (ECB mode) on host to host communications, checking for message integrity with a special mode of DES called **cipher block chaining** (CBC mode).==DES : DATA ENCRYPTION STANDARD==**DES** is a **block cipher** operating on 64 bit data blocks (8 bytes) using 56 bit keys implementing succesfully the following concepts:The most widely used encryption system in**//Diffusion//:** theworldstatistical structure of cleartext data isDES: Data Encryption Standard adopted in 1977 by US government.mapped into a long range statistics of ciphertext. This means that every clear to cipher text transformation affects significantly following transformations making statistical frequency analysis efforts unfeasibleDES is designed by IBM engineers for call in 1973 for**//Confusion//:** makes theUS government request for an encryption system for all unclasssified government data.relationship between ciphertext and the key very complex to make discovery of the key extremely difficult.It is based on an earlier cipher system called LUCIFER and was**//Avalanche Effect//:** assures big changes in ciphertext with even 1 bit change in theonly system acceptable by the US National Security Agency (NSA). Originally designed as a 128-bit system, under the advise of NSA it was reduced to 56-bits. There has been significant controversy over this reduction which NSA claims that it was made due to hardware design reasons while oppenents say this significantly reduced the strength of the algorithm to a level so that it can be easily broken by NSA.key.Nevertheless, DESThe **DES** algorithm hasbeen widely adopted by many sectors but mainly by**16 rounds** with a specific **S-box** scheduling **substitutions, shifting and shuffling bits** with permutations with a resultant avalanche effect so huge that thefinancial sector which has decided to use it forstatistical relation between theprotection of PIN numbers on ATMscleartext andEFT/POS terminals. It is also used for encrypt sensitive data on hostciphertext becomes nearly impossible tohost communications, checking for message integrity with a special mode of DES called cipher block chaining.decipher.DES is a block cipher operating on 64 bit data blocks (8 bytes) using 56 bit keys implementing succesfully**DES** effectively employs thefollowing concepts:techniques of substitutions and transpositions in a very systematic and foolproof way.Diffusion:**DES** design has classified secrets such as thestatistical structurenature ofcleartext data is mapped into a long range statisticsS-boxes. Why are those numbers are used? These questions were never answered but only said that those are indeed very good numbers, and that any arbitrary change ofciphertext.these number could result in significant security losses. Thismeansis to say, these numbers are so designed thatevery clearthey optimize the bit shuffling in such a way as tocipher text transformation affects significantly following transformations making statistical frequency analysis efforts unfeasiblemake sure no trace of original data can be deduced from the output without knowing the key.Confusion: makes**DES is a symmetric cipher**, so therelationship between ciphertextsame key is used for both encryption and decryption. For decryption, thekey very complexalgorithm is executed in reverse order tomake discovery ofobtain thekey extremely difficult.cleartext . Therefore, the **//encyrptor and decryptor must share a common secret key//**.Avalanche Effect: assures big changes in ciphertext with even 1 bit change inThe Algorithm is a public key, but is is secret. If thekey.key became known than all of the encrypted data can be decrypted. This brings following significant problems: **o Key Generation** **o Key Distribution** **o Key Exchange** **o Key Protection** **o Key Verification**DES algorithm has 16 rounds with a specific S-box scheduling substitutions, shifting and shuffling bits with permutations with a resultant avalanche effect so huge that itWe will discuss these problems in thestatistical relation between the cleartext and ciphertext becomes impossible at the end.next article, as well as discussing how public key algorithms like **RSA** are solving these problems.DESI believe this iseffectively employing the techniquesa sufficient overview ofsubstitutions and transpositions**DES** for an introductory article. Those readers who want to go deeper can find many articles on Internet as well as several books ina very systematic and foolproof way.their bookstores. So, let’s go directly into an example **__implementation of DES written purely in Liberty Basic__**.DES design have classified secrets such as the nature of S-boxes. Why are those numbers are used ? These questions were never answered but only said that those are indeed very good numbers, arbitrary change of these number could result in significant security losses. This is to say, these numbers are so designed that they are optimizing the bit shuffling in such a way to make sure no trace of original data can be deduced from the output without knowing the key.----DES[[code format="vb"]] REM '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 'DES ENCRYPTION / DECRYPTION DEMO SOFTWARE WRITTEN PURELY IN LIBERTY BASIC 'Copyright(c) 2006, Verisoft CryptoMan 'www.verisoft.com onur@verisoft.com '---------------------------------------------------------------------------------------------- 'This software and source code isa **symetric cipher** so using the same keyprovided forboth encryptioneducational private use anddecryption. To decrypt the algorithm is executed in reversemay not be used 'for commercial purposes without express written consent of VERISOFT. '---------------------------------------------------------------------------------------------- 'LIABILITY CLAUSE: 'Verisoft will not accept any liabilities or claims due toobtain the cleartext .use, non-use, misuse of this software 'or damages to property or life under any circumstances, direct or indirect. Use it at your own 'risk. There are no claims to performance, correctness and fitness of this software. 'Use of or exportation of cryptographic software to certain countries; and disclosure thereof 'may violate local laws and regulations. '----------------------------------------------------------------------------------------------- ' LESSON 1: : THIS EXAMPLE ONLY ENCRYPTS AND DECRYPTS PLAINTEXT FILES ' DES : IT IS NOT FAST, IT IS NOT PERFECT, IT IS NOT COMPLETE ! ' SYMETRIC CRYPTO : IT ONLY SHOWS, HOW REAL ANSI/ISO DATA ENCRYPTION STANDARD ' WORKS: SINGLE DES, 56-BIT KEYS, ECB MODE. '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' ' WARNING: IF YOU ENCRYPT AND IMPORTANT FILE, AND THEN ERASE IT, AND THEN FORGET ' THE KEY AND YOU HAVE ONLY ENCRYPTED FILE; YOU WILL BE IN TROUBLE. PLEASE, DON'T ' CALL US OR ANYONE. IF YOU HAVE GOOD FRIENDS AT NSA, THEY MAY DO SOMETHING BUT ' NOT US. SORRY. DON'T ENCRYPT YOUR IMPORTANT FILES AND FORGET YOUR KEY !!!!!!!! '_________________________________________________________________________________________ GLOBAL INITIALTR$,FINALTR$,SWAP$,KEYTR1$,KEYTR2$,ETR$,PTR$,CR$,LF$ CALL InitializeTherefore, the encyrptor and decryptor must share a common secret key.NoMainWin WindowWidth = 800 WindowHeight = 500 UpperLeftX=int((DisplayWidth-WindowWidth)/2) UpperLeftY=int((DisplayHeight-WindowHeight)/2)Algorithmstatictext #main.statictext6, "Source File", 15, 2, 108, 20 statictext #main.statictext7, "Destination File", 15, 57, 192, 20 statictext #main.statictext8, "Encryption Key", 15, 112, 200, 20 textbox #main.source, 15, 24, 280, 25 button #main.browseSource, "Browse", [browseSource], UL, 230, 2, 60, 20 textbox #main.destination, 15, 80, 280, 25 button #main.browseDestination, "Browse", [browseDestination], UL, 230, 57, 60, 20 textbox #main.key, 15, 132, 110, 25 radiobutton #main.selectDecrypt, "Decrypt Source to Destination", [selectDecrypt], [reset], 15, 192, 280, 25 radiobutton #main.selectEncrypt, "Encrypt Source to Destination", [selectEncrypt], [reset], 15, 172, 280, 25 button #main.go, "Go", [go], UL, 10, 222, 85, 25 texteditor #main.tesrc, 300,10, 490, 200 'The handle for our texteditor ispublic but key#window.te texteditor #main.tedes, 300,230,490, 200 'The handle for our texteditor issecret. If the key become known than all of the encrypted data can be decrypted.#window.te graphicbox #main.gb, 800, 1, 10, 10This brings following significant problems: - Key Generation - Key Distribution - Key Exchange - Key Protection - Key Verification We will discuss these problems on the next article before talking about public key algorithms like RSA which is solving these problems. I believe this sufficient overview of DES in these introductory articles. Those readers who want to go deeper can find many articles on Internet or several books in their bookstores. So, let’s go directly into an example implementation of DES written purely in Liberty Basic. [[code]] REM '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 'DES ENCRYPTION / DECRYPTION DEMO SOFTWARE WRITTEN PURELY IN LIBERTY BASIC 'Copyright(c) 2006, Verisoft CryptoMan 'www.verisoft.com onur@verisoft.com '---------------------------------------------------------------------------------------------- 'This software and source code is provided for educational private use and may not be used 'for commercial purposes without express written consent of VERISOFT. '---------------------------------------------------------------------------------------------- 'LIABILITY CLAUSE: 'Verisoft will not accept any liabilities or claims due to use, non-use, misuse of this software 'or damages to property or life under any circumstances, direct or indirect. Use it at your own 'risk. There are no claims to performance, correctness and fitness of this software. 'Use of or exportation of cryptographic software to certain countries; and disclosure thereof 'may violate local laws and regulations. '----------------------------------------------------------------------------------------------- ' LESSON 1: : THIS EXAMPLE ONLY ENCRYPTS AND DECRYPTS PLAINTEXT FILES ' DES : IT IS NOT FAST, IT IS NOT PERFECT, IT IS NOT COMPLETE ! ' SYMETRIC CRYPTO : IT ONLY SHOWS, HOW REAL ANSI/ISO DATA ENCRYPTION STANDARD ' : WORKS: SINGLE DES, 56-BIT KEYS, ECB MODE. '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' 'WARNING: IF YOU ENCRYPT AND IMPORTANT FILE, AND THEN ERASE IT, AND THEN FORGET THE KEY ' AND YOU HAVE ONLY ENCRYPTED FILE; YOU WILL BE IN TROUBLE. PLEASE, DON'T CALL ' US OR ANYONE. IF YOU HAVE GOOD FRIENDS AT NSA, THEY MAY DO SOMETHING BUT ' NOT US. SORRY. DON'T ENCRYPT YOUR IMPORTANT FILES AND FORGET YOUR KEY !!!!!!!! '_______________________________________________________________________________________________ GLOBAL INITIALTR$,FINALTR$,SWAP$,KEYTR1$,KEYTR2$,ETR$,PTR$,CR$,LF$ CALL Initialize NoMainWin WindowWidth = 800 WindowHeight = 500 UpperLeftX=int((DisplayWidth-WindowWidth)/2) UpperLeftY=int((DisplayHeight-WindowHeight)/2) statictext #main.statictext6, "Source File", 15, 2, 108, 20 statictext #main.statictext7, "Destination File", 15, 57, 192, 20 statictext #main.statictext8, "Encryption Key", 15, 112, 200, 20 textbox #main.source, 15, 24, 280, 25 button #main.browseSource, "Browse", [browseSource], UL, 230, 2, 60, 20 textbox #main.destination, 15, 80, 280, 25 button #main.browseDestination, "Browse", [browseDestination], UL, 230, 57, 60, 20 textbox #main.key, 15, 132, 110, 25 radiobutton #main.selectDecrypt, "Decrypt Source to Destination", [selectDecrypt], [reset], 15, 192, 280, 25 radiobutton #main.selectEncrypt, "Encrypt Source to Destination", [selectEncrypt], [reset], 15, 172, 280, 25 button #main.go, "Go", [go], UL, 10, 222, 85, 25 texteditor #main.tesrc, 300,10, 490, 200 'The handle for our texteditor is #window.te texteditor #main.tedes, 300,230,490, 200 'The handle for our texteditor is #window.te graphicbox #main.gb, 800, 1, 10, 10 openopen "DES Crypto Demo V1.00"+space$(80)+"Verisoft(c)2006, www.verisoft.com " for window as #mainMODE = 1 #main.selectEncrypt, "set" waitMODE = 1 #main.selectEncrypt, "set" wait [browseSource] 'Search for source filefiledialogfiledialog "Select source file:","*.*",INFILE$ifif INFILE$ <> "" then #main.source, INFILE$waitwait [browseDestination] 'Search for destination filefiledialogfiledialog "Select destination file:","*.*",OUTFILE$ifif OUTFILE$ <> "" then #main.destination, OUTFILE$waitwait [selectDecrypt] 'Set mode to decryptionMODEMODE = 2waitwait [selectEncrypt] 'Set mode to encryptionMODEMODE = 1waitwait [reset] 'Perform action for the radiobutton named 'selectDecrypt'waitwait [go] 'Do it!#main.key,#main.key, "!contents? KEY$"#main.source,#main.source, "!contents? INFILE$"#main.destination,#main.destination, "!contents? OUTFILE$"cursorcursor hourglassRESULTRESULT = ENCRYPTION(MODE,INFILE$,OUTFILE$,KEY$)cursorcursor normalifif RESULT = 1 then notice "DES Crypto Result"+CR$+"Action completed successfully"ifif RESULT = 2 then notice "Encrypt/decrypt mode not properly selected"ifif RESULT = 3 then notice "Source file does not exist"ifif RESULT = 4 then notice "Destination file already exists"ifif RESULT = 5 then notice "No de/encryption key specified"waitwait [quit] 'End the programcloseclose #mainendendfunctionFUNCTION ENCRYPTION(MODE,INFILE$,OUTFILE$,KEY$)IFIF MODE=1 THENOPEN INFILE$ FOR INPUT AS #1 IF OUTFILE$="" THEN OUTFILE$="ENCTEMP";TIME$("ms");".TXT" OPEN OUTFILE$ FOR OUTPUT AS #2 #main.tesrc,"" #main.tesrc,DATE$();" ";TIME$() #main.tesrc,"----------------------------------------------" #main.tedes,"" #main.tedes,DATE$();" ";TIME$() #main.tedes,"----------------------------------------------"OPEN INFILE$ FOR INPUT AS #1 IF OUTFILE$="" THEN OUTFILE$="ENCTEMP";TIME$("ms");".TXT" OPEN OUTFILE$ FOR OUTPUT AS #2 #main.tesrc,"" #main.tesrc,DATE$();" ";TIME$() #main.tesrc,"----------------------------------------------" #main.tedes,"" #main.tedes,DATE$();" ";TIME$() #main.tedes,"----------------------------------------------"WHILE EOF(#1)=0 LINE INPUT #1,TEXT$ TEXT$=TEXT$+CR$ #main.tesrc,TEXT$; DO '''''''''''''''''''''''PAD WITH NUL WHEN BLOCK LESS THAN 8 BYTES'''''''''''''''''''' DX$=LEFT$(TEXT$,8) PDX$=chr$(0)+chr$(0)+chr$(0)+chr$(0)+chr$(0)+chr$(0)+chr$(0)+chr$(0) PDX$=DX$+LEFT$(PDX$,8-LEN(DX$)) ENC$=DESencrypt$(PDX$,KEY$) HX$=SpecHex$(ENC$) #main.tedes,HX$ PRINT #2,HX$ TEXT$=MID$(TEXT$,9) SCAN LOOP WHILE LEN(TEXT$)>0 WENDCLOSE #1 CLOSE #2 #main.tesrc,"----------------------------------------------" #main.tedes,"----------------------------------------------"WHILE EOF(#1)=0 LINE INPUT #1,TEXT$ TEXT$=TEXT$+CR$ #main.tesrc,TEXT$; DO ''''''''''''''''PAD WITH NUL WHEN BLOCK LESS THAN 8 BYTES'''''''''''''''' DX$=LEFT$(TEXT$,8) PDX$=chr$(0)+chr$(0)+chr$(0)+chr$(0)+chr$(0)+chr$(0)+chr$(0)+chr$(0) PDX$=DX$+LEFT$(PDX$,8-LEN(DX$)) ENC$=DESencrypt$(PDX$,KEY$) HX$=SpecHex$(ENC$) #main.tedes,HX$ PRINT #2,HX$ TEXT$=MID$(TEXT$,9) SCAN LOOP WHILE LEN(TEXT$)>0 WEND CLOSE #1 CLOSE #2 #main.tesrc,"----------------------------------------------" #main.tedes,"----------------------------------------------"ENCRYPTIONENCRYPTION = 1ELSE OPEN INFILE$ FOR INPUT AS #1 IF OUTFILE$="" THEN OUTFILE$="DECTEMP";TIME$("ms");".TXT" OPEN OUTFILE$ FOR OUTPUT AS #2 #main.tesrc,"" #main.tesrc,DATE$();" ";TIME$() #main.tesrc,"----------------------------------------------" #main.tedes,"" #main.tedes,DATE$();" ";TIME$() #main.tedes,"----------------------------------------------"ELSEWHILE EOF(#1)=0 LINEOPEN INFILE$ FOR INPUT#1,TEXT$ #main.tesrc,TEXT$ DX$=PackHex$(LEFT$(TEXT$,16)) DEC$=DESdecrypt$(DX$,KEY$)AS #1 IF OUTFILE$="" THEN OUTFILE$="DECTEMP";TIME$("ms");".TXT" OPEN OUTFILE$ FOR OUTPUT AS #2 #main.tesrc,"" #main.tesrc,DATE$();" ";TIME$() #main.tesrc,"----------------------------------------------" #main.tedes,"" #main.tedes,DATE$();" ";TIME$() #main.tedes,"----------------------------------------------"'''''''''''''''''REMOVE PADDING ADDED DURING ENCRYPTION'''''''''''''''''''''' TDEC$="" FOR I=1 TO 8 CH$=MID$(DEC$,I,1) IF CH$>CHR$(0) THEN TDEC$=TDEC$+CH$ NEXT #main.tedes,TDEC$; PRINT #2,TDEC$;WHILE EOF(#1)=0 LINE INPUT #1,TEXT$ #main.tesrc,TEXT$ DX$=PackHex$(LEFT$(TEXT$,16)) DEC$=DESdecrypt$(DX$,KEY$)WEND'''''''''''''''''REMOVE PADDING ADDED DURING ENCRYPTION''''''''''''''''' TDEC$="" FOR I=1 TO 8 CH$=MID$(DEC$,I,1) IF CH$>CHR$(0) THEN TDEC$=TDEC$+CH$ NEXT #main.tedes,TDEC$; PRINT #2,TDEC$;CLOSE #1 CLOSE #2 #main.tesrc,"----------------------------------------------" #main.tedes,"----------------------------------------------"WENDENCRYPTION = 1 END IF end functionCLOSE #1 CLOSE #2 #main.tesrc,"----------------------------------------------" #main.tedes,"----------------------------------------------" ENCRYPTION = 1 END IF END FUNCTION END''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' ' COPY GLOBALS AND ALL BELOW THIS LINE UNDER YOUR SOFTWARE AND YOU WILL ' DESencrypt AND'DESdecrypt FUNCTIONS IN YOUR SOFTWARE.' DESDES WORKS WITH ' 8 BYTE KEYS ON 8 BYTE DATA. IT ENCRYPTS TO 8 BYTE BLOCK AND WILL'DECRYPT ' FROM 8 BYTE BLOCK TO PLAIN TEXT. IF YOU HAVE LONGER DATA THEN YOU MUST ' DIVIDE IT INTO 8 BYTE BLOCKS. SHORTER THAN 8 BYTE BLOCKS MUST BE PADDED ' AND UNPADDED'BY YOUR SOFTWARE LOGIC. ABOVE, DEMO SHELL SHOWS THIS NICELY. ' HOWEVER, DOWN BELOW'THE GUI SHELL, IT CALLS THE FUNCTIONS BELOW. DES NEEDS ' ALL THOSE COMPLEX FUNCTIONS'AND NUMBERS.YOUYOU SHOULD NOT TOUCH OR WORRY ' ABOUT THEM. JUST USE DESencrypt(DATA$,KEY$) 'DATA$,KEY$ ) OR DESdecrypt( ENCDATA$,KEY$ ). ' YOU CAN DECRYPT WITH THE EXACT SAME KEY YOU USED FOR'ENCRYPTION.'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' Function PackHex$( y$ ) z$="" for j=1 to len(y$) step 2 n=HEXDEC(mid$(y$,j,2)) z$=z$+chr$(n) next j PackHex$=z$ end function''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' FUNCTION PackHex$( y$ ) z$="" for j=1 to len(y$) step 2 n=HEXDEC(mid$(y$,j,2)) z$=z$+chr$(n) next j PackHex$=z$ END FUNCTION FUNCTION SpecHex$( y$ )z$="" FORz$="" FOR j=1 TO LEN(y$)n=ASC(MID$(y$,j,1)) IFn=ASC(MID$(y$,j,1)) IF n<16 THEN z$=z$+"0"z$=z$+DECHEX$(n) NEXTz$=z$+DECHEX$(n) NEXT jSpecHex$=z$SpecHex$=z$ END FUNCTION FUNCTION RANDOMKEY$()X$="" FORX$="" FOR I=1 TO 8X$=X$+CHR$(RND(1)*255) NEXTX$=X$+CHR$(RND(1)*255) NEXT IRANDOMKEY$=X$RANDOMKEY$=X$ END FUNCTION SUB Initialize CR$=CHR$(13):LF$=CHR$(10)CR$=CHR$(13):LF$=CHR$(10)INITIALTR$="" DATA 58,50,42,34,26,18,10,2,60,52,44,36,28,20,12,4,62,54,46,38,_ 30,22,14,6, 64,56,48,40,32,24,16,8,57,49,41,33,25,17,9,1,59,51,43,_ 35,27,19,11,3,61,53,45,37,29,21,13,5,63,55,47,39,31,23,15,7 FOR I=1 TO 64:READ X:INITIALTR$=INITIALTR$+CHR$(X): NEXT IINITIALTR$="" DATA 58,50,42,34,26,18,10,2,60,52,44,36,28,20,12,4,62,54,46,38,30,22,14,6,64,56,48,40,32,24,16,8,57,49,41,33,25,17,9,1,59,51,43,35,27,19,11,3,61,53,45,37,29,21,13,5,63,55,47,39,31,23,15,7 FORFINALTR$="" DATA 40,8,48,16,56,24,64,32,39,7,47,15,55,23,63,31,38,6,46,14,54,_ 22,62,30,37,5,45,13,53,21,61,29,36,4,44,12,52,20,60,28,35,3,43,11,_ 51,19,59,27,34,2,42,10,50,18,58,26,33,1,41,9,49,17,57,25 FOR I=1 TO 64:READX:INITIALTR$=INITIALTR$+CHR$(X):X:FINALTR$=FINALTR$+CHR$(X): NEXT IFINALTR$="" DATA 40,8,48,16,56,24,64,32,39,7,47,15,55,23,63,31,38,6,46,14,54,22,62,30,37,5,45,13,53,21,61,29,36,4,44,12,52,20,60,28,35,3,43,11,51,19,59,27,34,2,42,10,50,18,58,26,33,1,41,9,49,17,57,25 FORSWAP$="" DATA 33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,_ 53,54,55,56,57,58,59,60,61,62,63,64,01,02,03,04,05,06,07,08,09,10,_ 11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32 FOR I=1 TO 64:READX:FINALTR$=FINALTR$+CHR$(X):X:SWAP$=SWAP$+CHR$(X): NEXT ISWAP$="" DATA 33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58,59,60,61,62,63,64,01,02,03,04,05,06,07,08,09,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32 FOR I=1 TO 64:READ X:SWAP$=SWAP$+CHR$(X): NEXT IKEYTR1$="" DATA 57,49,41,33,25,17,9,1,58,50,42,34,26,18,10,2,59,51,43,35,_ 27,19,11,3,60,52,44,36,63,55,47,39,31,23,15,7,62,54,46,38,30,22,_ 14,6,61,53,45,37,29,21,13,5,28,20,12,4,0,0,0,0,0,0,0,0 FOR I=1 TO 64:READ X:KEYTR1$=KEYTR1$+CHR$(X): NEXT IKEYTR1$="" DATA 57,49,41,33,25,17,9,1,58,50,42,34,26,18,10,2,59,51,43,35,27,19,11,3,60,52,44,36,63,55,47,39,31,23,15,7,62,54,46,38,30,22,14,6,61,53,45,37,29,21,13,5,28,20,12,4,0,0,0,0,0,0,0,0 FORKEYTR2$="" DATA 14,17,11,24,1,5,3,28,15,6,21,10,23,19,12,4,26,8,16,7,27,20,_ 13,2,41,52,31,37,47,55,30,40,51,45,33,48,44,49,39,56,34,53,46,42,_ 50,36,29,32,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 FOR I=1 TO 64:READX:KEYTR1$=KEYTR1$+CHR$(X):X:KEYTR2$=KEYTR2$+CHR$(X): NEXT IKEYTR2$="" DATA 14,17,11,24,1,5,3,28,15,6,21,10,23,19,12,4,26,8,16,7,27,20,13,2,41,52,31,37,47,55,30,40,51,45,33,48,44,49,39,56,34,53,46,42,50,36,29,32,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 FORETR$="" DATA 32,1,2,3,4,5,4,5,6,7,8,9,8,9,10,11,12,13,12,13,14,15,_ 16,17,16,17,18,19,20,21,20,21,22,23,24,25,24,25,26,27,28,29,_ 28,29,30,31,32,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 FOR I=1 TO 64:READX:KEYTR2$=KEYTR2$+CHR$(X):X:ETR$=ETR$+CHR$(X): NEXT IETR$="" DATA 32,1,2,3,4,5,4,5,6,7,8,9, 8,9,10,11,12,13,12,13,14,15,16,17,16,17,18,19,20,21,20,21,22,23,24,25,24,25,26,27,28,29,28,29,30,31,32,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 FOR I=1 TO 64:READ X:ETR$=ETR$+CHR$(X): NEXT IPTR$="" DATA 16,7,20,21,29,12,28,17,1,15,23,26,5,18,31,10,2,8,24,14,_ 32,27,3,9,19,13,30,6,22,11,4,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,_ 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 FOR I=1 TO 64:READ X:PTR$=PTR$+CHR$(X): NEXT IPTR$="" DATA 16,7,20,21,29,12,28,17,1,15,23,26,5,18,31,10,2,8,24,14,32,27,3,9,19,13,30,6,22,11,4,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0 FOR I=1 TO 64:READ X:PTR$=PTR$+CHR$(X): NEXT IDIM ROTS(16) DATA 1,1,2,2,2,2,2,2,1,2,2,2,2,2,2,1 FOR I=1 TO 16:READ X:ROTS(I)=X: NEXT IDIM ROTS(16) DATA 1,1,2,2,2,2,2,2,1,2,2,2,2,2,2,1 FOR I=1 TO 16:READ X:ROTS(I)=X: NEXT IDIM S(8,64) DATA 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7,_ 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8,_ 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0,_ 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13DIM S(8,64) DATA 14, 4, 13,DATA 15, 1,2, 15, 11,8, 14, 6, 11, 3,10, 6, 12, 5,4, 9,0, 7,_ 0, 15,7,4, 14,2, 13,1, 10, 6,12,11, 9,0, 5,3, 8,_ 4, 1, 14, 8,10,_ 3, 13,6, 2, 11,4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5,_ 0, 14, 7,3,11, 10, 4, 13, 1, 5,0,_ 15, 12,8,2, 4,12, 6, 9, 3, 2, 15,_ 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5,11, 3,14,10, 0, 6, 139DATA 15, 1, 8,DATA 10, 0, 9, 14, 6,11,3,4, 9, 7, 2, 13, 12, 0,15, 5,10,_ 3,1, 13, 12, 7, 11, 4, 2, 8,_ 13, 7,15,0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12,0, 1, 10,11, 15, 1,_ 13, 6, 4, 9, 8, 15, 3, 0, 11,5,_ 0,1, 2, 12, 5, 10, 14,7, 11,7,_ 1, 10,4,13,1, 5, 8, 12,0, 6, 9,3, 2, 15,_ 13,8,10, 1, 3, 15,7, 4,2,15, 14, 3, 11,6, 7, 12, 0,5,14, 92, 12DATA 10, 0, 9,DATA 7, 13, 14,6,3,15, 5, 1, 13, 12, 7, 11, 4, 2, 8,_ 13, 7,0,9, 3, 4,6, 9, 10, 1, 2, 8, 5,14, 12,11,15, 1,_ 13, 6,12, 4,9,15,_ 13, 8, 11, 5, 6, 15,3,0,11, 1,3, 4, 7, 2, 12,5,1, 10, 14,7,_ 1, 10, 13, 0,9,_ 10, 6, 9,8,0, 12, 11, 7,4,13, 15,14,1, 3,11,14, 5, 2,128, 4,_ 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14DATADATA 2, 12, 4, 1, 7,13, 14, 3, 0, 6, 9,10,1, 2,11, 6, 8, 5, 3, 15, 13, 0, 14, 9,_ 14, 11, 2, 12, 4,15,_ 13, 8, 11,7, 13, 1, 5,6, 15,0, 15, 10, 3,4, 7,9, 8, 6,_ 4, 2,12,1, 11, 10,14, 9,_ 10, 6,13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14,_ 11, 8, 12,11,7,13, 15,1,3,14,5,2,8, 4,_ 3,13, 6, 15, 0,6, 10, 1, 13, 8,9, 10, 4, 5,11, 12, 7, 2, 143DATA 2,DATA 12,4,1,7,10,11,15, 9, 2, 6, 8,5,0, 13, 3,15, 13, 0,4, 14,9,_ 14, 11, 2, 12, 4,7,13, 1,5,0,11,_ 10, 15,10, 3, 9, 8, 6,_ 4,4, 2,1, 11, 10, 13,7,8, 15,12, 9,12,5, 6, 1, 13, 14, 0, 11, 3,0, 14,_ 11,8,_ 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6,_ 4, 3, 2, 12, 9, 5, 15, 10, 11, 14,2, 13,1, 7, 6,15,0,9, 10, 4, 5, 38, 13DATA 12, 1, 10, 15, 9,DATA 4, 11, 2,6, 8,14, 15, 0, 8, 13, 3,4, 14, 7, 5, 11,_ 10, 15, 4, 2, 7,12, 9, 7, 5, 10, 6,1, 13, 14,1,_ 13, 0, 11,3, 8,_ 9,7, 4, 9, 1, 10, 14,15,3, 5, 12, 2, 15, 8, 6,_ 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2,_ 6, 11, 13, 8, 1, 4, 10,1, 13, 11, 6,_ 4, 3, 2, 12,7, 9, 5, 0, 15,10, 11,14,1, 7, 6, 0, 8, 132, 3, 12DATA 4, 11,DATA 13, 2,14, 15, 0,8,13, 3, 12, 9, 7, 5, 10,4, 6,1,_ 13, 0,15, 11,7, 4, 9,1, 10,14,9, 3, 14, 5, 0, 12,2,7,_ 1, 15,8, 6,_ 1, 4, 11,13,12,8, 10, 3, 7,14, 10, 15,4, 12, 5, 6,8,11, 0,5,14, 9, 2,_6,7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13,8,15, 3, 5, 8,_ 2, 1, 14, 7, 4, 10,7,8, 13, 15, 12, 9,5,0,15, 14, 2,3,125, 6, 11DATA 13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7,_ 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2,_ 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8,_ 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11 FORFOR I=1 TO 8FORFOR J=1 TO 64READREAD XS(I,J)=X NEXTS(I,J)=X NEXT JNEXTNEXT I END SUBSUB TRANSPOSE BYREF DAT$, T$, NDIMDIM iDAT(64),iT(64),iX(64)FORFOR I=1 TO 64IFIF MID$(DAT$,I,1)=CHR$(1) THEN iDAT(I)=1 ELSE iDAT(I)=0iX(I)=iDAT(I) iT(I)=ASC(MID$(T$,I,1)) NEXTiX(I)=iDAT(I) iT(I)=ASC(MID$(T$,I,1)) NEXTFORFOR I=1 TO NiDAT(I)=iX(iDAT(I)=iX( iT(I) )NEXT ZAT$="" FORNEXT ZAT$="" FOR I=1 TO 64: ZAT$=ZAT$+CHR$(iDAT(I)): NEXT IDAT$=LEFT$(ZAT$DAT$=LEFT$(ZAT$ ,64) END SUB SUB ROTATE BYREF KEY$X$=LEFT$(KEY$,56) X$=MID$(X$,2,55) X$=LEFT$(X$,27)+LEFT$(KEY$,1)+MID$(X$,29) X$=LEFT$(X$,55)+MID$(KEY$,29,1X$=LEFT$(KEY$,56) X$=MID$(X$,2,55) X$=LEFT$(X$,27)+LEFT$(KEY$,1)+MID$(X$,29) X$=LEFT$(X$,55)+MID$(KEY$,29,1 )KEY$=LEFT$(X$,56)KEY$=LEFT$(X$,56) END SUB SUB UNROTATE BYREF KEY$X$=LEFT$(KEY$,56) X$=MID$(KEY$,28,1)+LEFT$(X$,55) X$=LEFT$(X$,28)+MID$(KEY$,56,1)+MID$(X$,30) KEY$=LEFT$(X$,56)X$=LEFT$(KEY$,56) X$=MID$(KEY$,28,1)+LEFT$(X$,55) X$=LEFT$(X$,28)+MID$(KEY$,56,1)+MID$(X$,30) KEY$=LEFT$(X$,56) END SUBSUB F I, BYREF KEY$, BYREF A$, BYREF X$DIMDIM Z(64),Y(64)E$=LEFT$(A$,56) CALLE$=LEFT$(A$,56) CALL TRANSPOSE E$,ETR$, 48FORFOR J=1 TO ROTS(I)CALLCALL ROTATE KEY$NEXT IKEY$=LEFT$(KEY$,56) CALLNEXT IKEY$=LEFT$(KEY$,56) CALL TRANSPOSE IKEY$,KEYTR2$, 48FORFOR J=1 TO 48IFIF ASC(MID$(E$,J,1))+ASC(MID$(IKEY$,J,1))=1 THEN Y(J)=1 ELSE Y(J)=0NEXT FORNEXT FOR K=1 TO 64: Z(K)=ASC(MID$(X$,K,1)): NEXTFORFOR K=1 TO 8R=32*Y(6*K-5)+16*Y(6*K)+8*Y(6*K-4)+4*Y(6*K-3)+2*Y(6*K-2)+Y(6*K-1)+1 IFR=32*Y(6*K-5)+16*Y(6*K)+8*Y(6*K-4)+4*Y(6*K-3)+2*Y(6*K-2)+Y(6*K-1)+1 IF ODD(S(K,R) / 8) THEN Z(4*K-3)=1 ELSE Z(4*K-3)=0IFIF ODD(S(K,R) / 4) THEN Z(4*K-2)=1 ELSE Z(4*K-2)=0IFIF ODD(S(K,R) / 2) THEN Z(4*K-1)=1 ELSE Z(4*K-1)=0IFIF ODD(S(K,R)) THEN Z(4*K) =1 ELSE Z(4*K) =0NEXT X$="" FORNEXT X$="" FOR K=1 TO 64: X$=X$+CHR$(Z(K)): NEXTCALLCALL TRANSPOSE X$,PTR$,32 END SUBSUB F2 I, BYREF KEY$, BYREF A$, BYREF X$DIMDIM Z(64),Y(64)E$=LEFT$(A$,64) CALLE$=LEFT$(A$,64) CALL TRANSPOSE E$, ETR$, 48IKEY$=LEFT$(KEY$,64) CALLIKEY$=LEFT$(KEY$,64) CALL TRANSPOSE IKEY$, KEYTR2$ , 48FORFOR J=1 TO 48IFIF ASC(MID$(E$,J,1))+ASC(MID$(IKEY$,J,1))=1 THEN Y(J)=1 ELSE Y(J)=0NEXTNEXT JFORFOR J=1 TO ROTS(17-I)CALLCALL UNROTATE KEY$NEXTNEXT JFORFOR K=1 TO 64: Z(K)=ASC(MID$(X$,K,1)): NEXTFORFOR K=1 TO 8R=32*Y(6*K-5)+16*Y(6*K)+8*Y(6*K-4)+4*Y(6*K-3)+2*Y(6*K-2)+Y(6*K-1)+1 IFR=32*Y(6*K-5)+16*Y(6*K)+8*Y(6*K-4)+4*Y(6*K-3)+2*Y(6*K-2)+Y(6*K-1)+1 IF ODD(S(K,R) / 8) THEN Z(4*K-3)=1 ELSE Z(4*K-3)=0IFIF ODD(S(K,R) / 4) THEN Z(4*K-2)=1 ELSE Z(4*K-2)=0IFIF ODD(S(K,R) / 2) THEN Z(4*K-1)=1 ELSE Z(4*K-1)=0IFIF ODD (S(K,R)) THEN Z(4*K)=1 ELSE Z(4*K)=0NEXT X$="" FORNEXT X$="" FOR K=1 TO 64: X$=X$+CHR$(Z(K)): NEXTCALLCALL TRANSPOSE X$,PTR$,32 END SUBFUNCTION ODD( N )IFIF INT(N) MOD 2 = 0 THEN ODD=0 ELSE ODD=1 END FUNCTIONFUNCTION DESencrypt$( PTEXT$, KY$ )PLAINTEXT$=BINARY$(PTEXT$) KEY$=BINARY$(KY$) A$=LEFT$(PLAINTEXT$=BINARY$(PTEXT$) KEY$=BINARY$(KY$) A$=LEFT$( PLAINTEXT$,64 )CALLCALL TRANSPOSE A$, INITIALTR$ ,64CALLCALL TRANSPOSE KEY$, KEYTR1$ ,56FORFOR I=1 TO 16B$=LEFT$(B$=LEFT$( A$,64 )A$=MID$(B$,33,32) CALLA$=MID$(B$,33,32) CALL F I,KEY$,A$,X$FORFOR J=1 TO 32IFIF ASC(MID$(B$,J,1))+ASC(MID$(X$,J,1))=1 THEN A$=A$+CHR$(1) ELSE A$=A$+CHR$(0)NEXT NEXT CALLNEXT NEXT CALL TRANSPOSE A$,SWAP$,64CALLCALL TRANSPOSE A$,FINALTR$,64DESencrypt$=ASCII$(A$)DESencrypt$=ASCII$(A$) END FUNCTIONFUNCTION DESdecrypt$( CTEXT$, KY$ )CRYPTEXT$=BINARY$(CTEXT$) KEY$=BINARY$(KY$) A$=LEFT$(CRYPTEXT$=BINARY$(CTEXT$) KEY$=BINARY$(KY$) A$=LEFT$( CRYPTEXT$,64 )CALLCALL TRANSPOSE A$, INITIALTR$ ,64CALLCALL TRANSPOSE KEY$, KEYTR1$ ,56FORFOR I=1 TO 16B$=LEFT$(B$=LEFT$( A$,64 )A$=MID$(B$,33,32) CALLA$=MID$(B$,33,32) CALL F2 I,KEY$,A$,X$FORFOR J=1 TO 32IFIF ASC(MID$(B$,J,1))+ASC(MID$(X$,J,1))=1 THEN A$=A$+CHR$(1) ELSE A$=A$+CHR$(0)NEXT NEXT CALLNEXT NEXT CALL TRANSPOSE A$,SWAP$,64CALLCALL TRANSPOSE A$,FINALTR$,64DESdecrypt$=ASCII$(A$)DESdecrypt$=ASCII$(A$) END FUNCTION FUNCTION BINARY$( BMP$ )BITMAP$="" FORBITMAP$="" FOR j=1 TO 8L1=ASC(MID$(BMP$,j,1)) FORL1=ASC(MID$(BMP$,j,1)) FOR i=7 TO 0 STEP -1IFIF ( 2^i AND L1 ) THEN BITMAP$=BITMAP$+CHR$(1) ELSE BITMAP$=BITMAP$+CHR$(0)NEXTNEXT iNEXTNEXT jBINARY$=BITMAP$BINARY$=BITMAP$ END FUNCTIONFUNCTION ASCII$( BMP$ )BITMAP$="" C=0 N=7 FORBITMAP$="" C=0 N=7 FOR j=1 TO 64C=C+ASC(MID$(BMP$,j,1))*2^N N=N-1 IFC=C+ASC(MID$(BMP$,j,1))*2^N N=N-1 IF ( j MOD 8 )=0 THENBITMAP$=BITMAP$+CHR$(C) N=7 C=0 ENDBITMAP$=BITMAP$+CHR$(C) N=7 C=0 END IFNEXTNEXT jASCII$=BITMAP$ASCII$=BITMAP$ END FUNCTION[[code]] ---- ==56 BITS DES KEY LENGTH== You may wonder why 56 bits used instead of 64 bits. This is because every byte has 7 databitsbits and 1 paritybit, sobit. Thus, 8 x 7 = 56 bits is the effective key size. Highest parity bitisis generally ignored but if it ischeckedchecked, it is then expected that DES keys must have odd parity.---- [[#TripleDES]] ==3DES: TRIPLE DES==56 bits DESThe **{{56 bits}} DES** algorithm, also known assingle DES**single DES**, has been cracked forfewsome years now. This can be donewithwith specially designed parallel computers with high speed hardwareDES**//DES cryptoprocessors. Anotherprocessors//**. Another method used is a network effort made with tens of thousands of Pentium PCs connectedoverover the Internet.Using aA special screensaverwhichuses the idle time of these PCs to search akeykey space assigned to each PC. This way,everyeach PC is given a different key space from amastermaster computer. After several days ormonthsmonths, eventually one of the PCs finds the key andreportsreports this to the master computer via Internet. This attack is possible if a knownplaintext attack**((plaintext attack}}** is possible. Otherwise this sort of brute force attack is difficult. However, mostattractiveattractive target financial encrypted data such as encipheredPIN**{{PIN}}** numbers have a knownplaintextplaintext pattern and thus such an attack is possible. Due to thisallall, major credit card systemsare nowhave since changed to3DES:TRIPLE DES.**[[http://en.wikipedia.org/wiki/3DES|3DES:TRIPLE DES.]]** **TRIPLE DES** uses two **{{56 bit}} DES {{keys}}** in what is known as **EDE** mode, or **//Encrypt Decrypt Encrypt//** mode. So, effectively it is **{{112 bit}}** encryption. Even so, **EDE** remains generally termed as **{{128 bit}}** encryption. So, this is the so called **//strong 128 bit encryption//**. **Single DES** run {{three times}} with {{two keys}}. Of course, you can also use {{three keys}} in **EDE** mode, but the classic **3DES** is **{{112 bit}} 3DES** which **//encrypts//** with **EDE** and **//decrypts//** with **DED** using two **{{56 bit keys}}**. **3DES is very strong** and we can say it is **//unbreakable//** until **quantum computers** become a reality. Otherwise, even with the 'fastest of the fastest' computers in the world, the **{{112 bits key space}}** can not feasibly be searched using a brute force trial and error method to find all the right bits. There are **//2 to the power 112 different possible keys//**. This is a big number. How big? Let's say if every bit can be represented by one electron, which is not possible but still we say if this is possible, and we were to store every possibility, then you will have > 5 192 296 858 534 827 628 530 496 329 220 096 electrons x 112 bits > 1 electron is 1/1837 weight of an AMU, atomic mass unit > 1 gram is equivalent to 1,675,000,000,000,000,000,000,000 AMU According to this, the weight of our data only on our hard disk will be 188,996 kg ( 416,292 lb) or almost 200 metrictons. Which is to say you will have pretty heavy metal on your desktop. Not a good idea to put all this data in your laptop. In fact according to current hard disk technology your harddisk will instantly turn into a **black hole** and suck up everything around if you try to store all **3DES** keys possible. So, don't mess around with 3DES without adult supervision. ----- ==MAC : MESSAGE AUTHENTICATION CODE== One of the useful applications of **DES** and **3DES** is **MAC: Message Authentication Code**. **MAC** is used to ensure **//INTEGRITY//** while **DES/3DES** ensures **//CONFIDENTIALITY.//** This means, using **MAC**, you can create a **digital signature** to assure that no part of the message, not even one bit hasbeen changed in transit.TRIPLE DES: uses two 56 bit DES keys in what is known as EDE mode: Encrypt Decrypt Encrypt mode. So, effectively it is 112 bit encryption but generally termed as 128 bit encryption. So, this is the so called strong 128 bit encryption, single DES run three times with two keys. Ofcourse,For example, if youcan also use 3 keys in EEE modeare making a wire transfer from {{account number 1029121}} to {{2771099}} for $125.00, you will not want someone messing around withthree keys butdata to divert theclassic 3DESfunds to {{account number 2499911}} instead. Neither, do you want the amount of transfer changed from $125.00 to $12,500.00. Hence, the two banks exchange the **//MAC'ing keys//** used for transfers. Each transferred message is112 bit 3DES which encrypts with EDE and decrypts with DEDthen divided into 8 byte blocks. These 8 byte blocks are then successively encrypted usingtwo 56 bit keys.either **DES** or **3DES**, **XOR**ing the next block to the encrypted value of previous block until the end of the message is reached.3DES very strongThis procedure results in an 8 byte hexadecimal value. Usually you take the left half 4 bytes andwe can say it is unbreakable until quantum computers can be built feasibly. Otherwise, even withcall this thefastest**//MAC offastest computers intheworldmessage//**. You append this **MAC** to the112 bits key space can not be feasibly searched with brute force trialend of each message. Finally the recipient gets the message anderror method until finding all**MAC**. The receiver then recomputes theright bits. There are 2 to**MAC** again using thepower 112 different possible keys. This is a big number. How big ? Let's say if every bit can be represented by one electron which is not possible but still we say if this is possibleagreed upon key andto store every possible than you will have 5 192 296 858 534 827 628 530 496 329 220 096 electrons x 112 bits. 1 electron is 1/1837 weight of an AMU, atomic mass unit. 1 gram is equivalent to 1,675,000,000,000,000,000,000,000 AMU. According to thiscompares the transmitted **MAC**. If the two **MAC**'s don't match, then theweight of ourdataonlyhas been violated inour hard disk willtransit. Of course this same technique can be188,996 kg ( 416,292 lb) or almost 200 metric tons. Which isapplied tosay you will have pretty heavy metalfiles stored onyour desktop. Notthe disk. You can put agood idea to put this data in your laptop. In fact according to current hard disk technology your hard disk will instantly turn into**MAC** at the end of each line of ablack holecritical contract andsuck up everything around ifone **MAC** for the entire document. If the document **MAC** doesn't match the expected **MAC**, then youtrycan check every line with the **Line MAC**s tostore all 3DES keys possible. So, don't mess aroundsee which line of the documentwas altered. Likewise, you can put **MAC**s to every accounting record to detect any internal fraud by an employee messing with3DES without adult supervision.company accounts.==MAC : MESSAGE AUTHENTICATION CODE==**MAC** is the backboneof many financial transactions like credit card systems. For example the latest**EMV** chip cards from **Visa** and **Mastercard** or **Contactless** cards like **Mastercard PayPass** or **Visa Wave** uses variants of **MAC** like **CVV**, **ARQC**, **ARPC**, etc to provide end to end message integrity of credit and debit card transactions. From the date, time, amount, currency code, card number and random elements **ARQC (Authorisation Request Cryptogram)** is generated by the chip card in a **POS** or **ATM**. During the transaction, the **MAC** is checked by the issuing bank online to determine if this is a valid transaction. If found to be 'good', the **ARPC (Authorisation Response Cryptogram)** is sent back to the terminal which submits this code to the card. The card then decides whether this response is bona fide and accepts or rejects the transaction accordingly.OneAll ofthe useful applications of DES or 3DES is MAC: Message Authentication Code which is used for INTEGRITY while DES/3DES is used for CONFIDENTIALITY. This means, using MAC, you can create a digital signature to assure no part of the message, even one bit have been changedthese global events happen intransit. For example, if you are makingjust awire transfer from account number 1029121 to 2771099 for $125.00 you will not someone messing around with data to divert the funds to account no 2499911 instead of 2771099 or change amount of transfer to $12500.00. Hence, between two banks they exchange MAC'ing keys to be used for transfers and then they sign each transfer by dividing the transfer message into 8 byte blocks and successively encrypt each block with DES or 3DES, XOR the next block to the encrypted value of previous block until end of the message. Finally, you get a 8 byte hexadecimal value. Usually you take the left half 4 bytes and call this the MAC of the message. You append this MAC to the end of each message. Finally the receipient gets the message and MAC after which the receiver recomputes the MAC again using the agreed key and compares the transmitted MAC. If two MACs don't match this will mean somebody messed with data in transit. Ofcourse the same can be applied to files stored on the disk, you can put a MAC at the end of each line of a critical contract and one MAC for the entire document. If document MAC doesn't match to expected MAC then you can check every line with Line MACs to see which line of the document was altered. Likewise, you can put MACs to every accounting record to detect an internal fraud of an employee messing with company accounts. MAC is the backbone of many financial transactions like credit card systems. For example the latest EMV chip cards from Visa and Mastercard or Contactless cards like Mastercard PayPass or Visa Wave uses variants of MAC like CVV, ARQC, ARPC, etc to provide end to end message integrity of credit and debit card transactions. From the date, time, amount, currency code, card number and random elements ARQC Authorisation Request Cryptogram is generated by the chip card in a POS or ATM during transaction which is checked by the issuer bank online and if it is good a corresponding ARPC Authorisation Response Cryptogram is sent back to the terminal which submits this code to the card and finally the card decide whether this response is bona fide and accepts or rejects the completion succesfully or declination of the transaction. All of this happens in afew secondsaround the globe andusing a smartcard with a chip smaller than11 millimetersquare and latelysquare. More recently, these transactions are being made withcontaclesscontactless cards wirelessly over the air.So, these things areEncryption is not science fiction but real life events happening behind the scenes thingsof everydayof such everday eventslikeas checking out from the supermarket with your credit cardoror using your digital mobile phone.==CONCLUSION==So you have DES algorithm written in Liberty Basic and a simple GUI application to play around. It is not a fast implementation which would require a DLL written in C. Maybe, because of this it could be more interesting for some to see MATRIX style, Hollywood movie like HEX numbers floating on the window, a cliche of our times when our hero or heroine sits in front of a display to watch these speeding numbers and bingo gets into deepest secret ICBM launch site, etc.----Enjoy.==CONCLUSION==It will get more interesting with public key cryptographySo you now have a **DES** algorithm written in [[http://www.libertybasic.com|Liberty Basic]] and a simple GUI application for experimentation. It is not a fast implementation. Such speed would require a DLL written in C. Perhaps this brings to mind a **//[[http://www.imdb.com/title/tt0133093/|MATRIX]]//** style, Hollywood scene like those **{{HEX numbers}}** floating on the window; a cliche of our times when our hero or heroine sits in front of a display to watch these speeding numbers and , bingo, gets into the deepest secrets of the nextarticle.ICBM launch. Enjoy. It will get more interesting with public key cryptography on the next article. CryptoMan ---- **Copyright (c) 2006, Verisoft** **[[http://www.verisoft.com|www.verisoft.com]]** **[[mailto:onur@verisoft.com|onur@verisoft.com]]****Copyright (c) 2006, Verisoft www.verisoft.com [[mailto:onur@verisoft.com|onur@verisoft.com]]----[[Cryptography with Liberty Basic 102: Classical Cryptography: DES by CryptoMan]]**