Symmetric encryption algorithm
DES
Data Encryption Standard is a symmetric cipher adopted in the federal Information Processing Standard (FIPS) of the United States in 1977. DES has been widely used by governments and banks in the United States and other countries. However, with the development of computers, DES is now capable of brute force cracking, which is not as strong as before.
RSA held a competition to decipher DES keys (DESChallenge). The results of the competition were:
- The 1977 contest took 96 days to crack
- The first match in 1998 took 41 days to crack
- The second race in 1998 lasted 56 hours
- The third match in 1999 took 22 hours and 15 minutes
Since DES ciphertext can be cracked in a short time, we should not use this algorithm now, except for decrypting the previous ciphertext. It is not safe.
DES encryption and decryption
DES is a symmetric cipher algorithm that encrypts 64 bits of plain text into 64 bits of ciphertext. The key length of DES is 56 bits. Although the key length of DES is 64 bits in terms of specifications, the key length of DES is 56 bits because a bit is set every 7 bits for error check.
Conclusion:
- Now using DES encryption, data is safe?
- It’s not secure. It’s been cracked
- Is it a block cipher?
- Yes, the data is grouped before being encrypted or decrypted
- DES packet length?
- 8byte==64bit
- DES key length?
- 56bit key length +8bit error check flag bit= 64bit==8byte
3DES
Triple-des — Triple DES encryption is used
Conclusion:
- Is 3DES secure?
- Safe, but inefficient
- Algorithm description?
- DES encryption was performed three times
- Is it a grouping algorithm?
- is
- 3DES Packet length?
- 8byte
- 3DES Key length?
- 24byte, which is evenly divided into three parts within the algorithm to be compatible with DES
- 3DES Encryption Process?
- Key 1-> Encrypt ->, Key 2-> decrypt, Key 3-> encrypt
- 3DES decryption process?
- Key 1-> Decrypt ->, Key 2-> encrypt, Key 3-> decrypt
Des-cbc mode encryption and decryption Go implementation
package main
import (
"crypto/cipher"
"crypto/des"
)
// Clear data is populated
func paddingLastGroup(plainText []byte, blockSize int) []byte {
//1. Count the number of bytes to be filled after the plaintext in the last packet
padNum := blockSize - len(plainText)%blockSize
//2. Convert the number of bytes to byte type
char := []byte{byte(padNum)}
//3. Create a slice and initialize it
newPlain := bytes.Repeat(char, padNum)
//4. Append the fill data to the original data
newText := append(plainText, newPlain...)
return newText
}
// Remove the padding data after the plaintext
func unpaddingLastGroup(plainText []byte) []byte {
//1. Get the last byte in the slice
length := len(plainText)
lastChar := plainText[length- 1]
//2. Convert the last data to an integer
number := int(lastChar)
return plainText[:length-number]
}
/ / des encryption
func desEncrypt(plainText, key []byte) []byte {
//1. Set up an underlying DES password interface
block, err := des.NewCipher(key)
iferr ! =nil {
panic(err)
}
//2. Populate the plaintext data (this must be populated, regardless of whether the original plaintext is divisible by the block length)
groupData := paddingLastGroup(plainText, block.BlockSize())
//3. Select an encryption mode
iv := []byte("12345678")
blockMode := cipher.NewCBCEncrypter(block, iv)
/ / 4. Encryption
cipherText := make([]byte.len(groupData))
blockMode.CryptBlocks(cipherText, groupData)
// blockmode. CryptBlocks(groupData, groupData) //
return cipherText
}
/ / des declassified
func desDecrypt(cipherText, key []byte) []byte {
//1. Create a des low-level password interface
block, err := des.NewCipher(key)
iferr ! =nil {
panic(err)
}
//2. Select decryption mode
iv := []byte("12345678") // The initialized vector must be the same as the encrypted one
blockMode := cipher.NewCBCDecrypter(block, iv)
/ / 3. Decryption
padText := make([]byte.len(cipherText))
blockMode.CryptBlocks(padText, cipherText)
//4. Fill in the data
plainText := unpaddingLastGroup(padText)
return plainText
}
func main(a){
fmt.Println(Des encryption and decryption)
key := []byte("1q2w3e4r")
src := []byte(DES --Data Encryption Standard is a symmetric cipher adopted in the federal Information Processing Standard (FIPS) of the United States in 1977. DES has been widely used by governments and banks in the United States and other countries. However, with the development of computers, DES is now capable of brute force cracking, which is not as strong as before. Since DES ciphertext can be cracked in a short time, we should not use it now, except to decrypt previous ciphertext. It is not secure.")
cipherText := desEncrypt(src, key)
plainText := desDecrypt(cipherText, key)
fmt.Println("Decrypted data is:".string(plainText))
}
Copy the codeAES
Advanced Encryption Standard(AES) is a symmetric cipher algorithm that replaces DES. The underlying algorithm is Rijndael, which is a block cipher algorithm designed by Belgian cryptographers.
The packet length of Rijndael is 128 bits. The key length can be selected from 128 to 256 bits in 32 bits. According to THE AES specification, the key length can be 128 bits, 192 bits, and 256 bits
128bit = 16 bytes
192bit = 24 bytes
256 bits = 32 bytes
Only 16 bytes of key length are supported in the interface provided by GO
Conclusion:
- Is AES safe?
- Safe and efficient, recommended
- Is it a block cipher?
- is
- AES packet length?
- 128bit = 16 bytes
- AES Key length?
- 128bit = 16 bytes
- 192bit = 24 bytes
- 256 bits = 32 bytes
- Only 16 bytes are supported in the interface provided by GO
Aes-ctr mode encryption and decryption Go implementation
package main
import (
"crypto/aes"
"crypto/cipher"
)
/ / aes encryption
func aesEncrypt(plainText, key []byte) []byte {
//1. Set up an AES password interface
block, err := aes.NewCipher(key)
iferr ! =nil {
panic(err)
}
//2. CTR mode does not require data padding
//3. Select an encryption mode
iv := []byte("12345678qwertyui") // There is no need to initialize the vector. The iv in the go interface can be understood as a random number seed. The length of iv is equal to the length of the plaintext grouping, and it is not a real initialization vector
stream := cipher.NewCTR(block, iv)
/ / 4. Encryption
stream.XORKeyStream(plainText, plainText)
return plainText
}
/ / aes decryption
func aesDecrypt(cipherText, key []byte) []byte {
//1. Create an AES low-level password interface
block, err := aes.NewCipher(key)
iferr ! =nil {
panic(err)
}
//2. Select decryption mode
iv := []byte("12345678qwertyui") // Random number seed, length of 16 bits
stream := cipher.NewCTR(block, iv)
/ / 3. Decryption
padText := make([]byte.len(cipherText))
stream.XORKeyStream(padText, cipherText)
return padText
}
func main(a){
fmt.Println("Aes encryption and decryption")
key := []byte("1q2w3e4r")
src := []byte(AES -Advanced Encryption Standard \nAES is a symmetric Encryption algorithm to replace DES. The underlying algorithm is Rijndael, which is a block cipher algorithm designed by Belgian cryptographers. \ The packet length of nRijndael is 128 bits, and the key length can be selected in the unit of 32 bits from 128 bits to 256 bits. In THE SPECIFICATION of AES, the key length is only 128 bits, 192 bits and 256 bits. In the interface provided by GO, the key length is only 16 bytes. The encryption and decryption function interface is the same, because xor once is encryption, xor twice is decryption, so there is no need to implement two interfaces.")
cipherText := desEncrypt(src, key)
plainText := desDecrypt(cipherText, key)
fmt.Println("Decrypted data is:".string(plainText))
}
Copy the code