DES encryption algorithm
- It is also a different education method in China and the United States. The two introduction of DES in my hand is very different. The foreigner's book is very easy to read, just like a chat, lively, and always come to an old American humor. The Chinese people written in the book words are rigorous, very serious, explain with absolute scientific attitude (let me not feel comfortable). Which method is better, don't you tell me? So I would rather see the original version of the whole English. Don't think that encryption, decrypt is only genius to learn. Don't believe! As long as you have certain mathematical knowledge, there are some programming experiences enough (don't tell me 1 1 =? I can't answer it)! Many encryption algorithms are not complex, but only the math characteristics of this algorithm are used to achieve encryption. The DES encryption algorithm described below is just a bit (it is difficult, not difficult). How, is there confident? ... then let us start! The DES encryption algorithm is proposed by IBM research in 1977. Using 64-bit (bit) data for encryption and decryption, the key used is also 64 bits. And was announced by the National Standards Bureau as a data encryption standard DES, mainly for non-state confidentiality.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 14 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64
===>
58 50 42 34 44 36 28 20 12 4 62 54 46 38 30 22 14 6 64 16 8 57 49 41 33 25 17 9 1 59 51 43 35 27 19 11 3 61 53 45 37 29 21 13 5 63 55 47 39 31 23 15 7
Has it be done? The result of the result is not the same as the table below:
1 1 0 0 1 0 0 0 0 0 0 1 1 0 0 0 1 1 0 1 1 0 0 0 0 1 0 0 1 1 1 1 1 0 0 1 0 1 0 0 1 0 0 1 0 1 1 1 0 0 1 0 1 0 1 0 0 0
what? You are wrong! No medicine saves! I doubt that your primary school graduation exam is cheating. Didn't do something wrong! Well, it is a good child! Step 2: Iterative Process is a very important step (standing, not soft). In order to make you see more clearly, I divide it into several parts. Finally, just put a few partial processes together. ★ First divide the results after IP treatment into two parts, as follows:
1 1 0 0 1 0 0 1 0 0 0 1 1 0 0 0 1 1 0 1 1 0 0 0 0 1 1 0
0 1 1 1 1 1 0 0 1 0 1 0 0 1 0 0 1 0 1 1 0 0 1 0 1 0 1 0 0 ↓ ╳ ╱ ╱ ↓ ↓ 0 1 1 1 1 1 0 0 1 0 1 0 0 1 0 0 1 0 1 1 1 0 0 1 0 1 0 1 0 0 0
? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?
I understand? First put the part of the right side, you can't copy it on the left. Then move the portion of the left to the right after F treatment. Then repeat the second step, a total of 16 times (true trouble). Don't urgently, F treatment, etc., will talk about the third step: IP-1 processing If you do something wrong with this step, you have done a bit of tofu! However, it is the reverse of IP.
40 8 48 16 5624 64 32 39 7 47 15 55 23 63 31 38 6 46 14 54 22 62 30 37 5 45 13 53 21 61 29 36 4 44 12 52 20 60 28 35 3 43 11 51 19 59 27 34 2 42 10 50 18 58 26 33 1 41 9 49 17 57 25
Step 4: What is the feeling? Is it full of confidence, preparing to show your skills! We only have F to handle this paragraph, I want to have the rest of you after you learn the above process (you are really genius !!).
Sorry, my hand is painful, I will here today. I want to rest! (Occupational disease, long time with mouse to hit the right hand will hurt)
Anti-attack risk quantization analysis data
1. To manage, save your own PIN IC card. If the physical protection of PIN, or when the private key is lost and the user's password is stealing, the user should launch a timely loss. 2. Replacement cycle of the key - Modern cryptography is the algorithm can be disclosed. The key to confidentiality is how to protect your key, and the critical key is how can crack the key. - System security executive, to be based on the sensitivity of the key length used by the system, the degree of importance of the information whose information is protected, and the analysis data of this attachment is left with reference to this attachment. The conditions of the safety factor are determined to determine the length of its key and certificate replacement cycle. At the same time, put the abandoned keys and certificates into the black library archive for possible use. - The correct security policy of the key replacement cycle is the guarantee that the system can run safely, which is the most important and most core daily task of the system's security manager. 3. Regarding the secreational strength safety assessment of the RSA algorithm - the confidentiality intensity of the RSA algorithm, the length of the key is increased. However, the longer the key, the longer the time consuming to decrypt the decryption. Therefore, it is necessary to consider the decision with the generation value of the attacker to solve the sensitivity of the protection information and the reaction time required to spend with the system. This is especially true for business information. - The following we list RSA129 (N = 10129) RSA129 (N = 10129) Hal Abelson, Jeff Schiller, Brian Lamacchia and Derek Atkins. The results of attacking research on PGP RSA (MPQS) algorithm are as follows; Note: 1995, SIMSON GARFINKEL "Pretty Good Privasy" excellent confidential system book). --RSA-129 (429-bit key) 4600 MIPS-YEARS - ie equivalent to 4,600 VAX11 / 780 joint operation a year The time or a Pentium runs for 46 years to find a N * 10129's large number of large numbers of PQ --RSA 512-Bit Key 42x104 MIPS-YEARS - RSA 700-Bit Key 42x108 MIPS-YEARS --RSA 1024- Bit Key 2.8x1015 MIPS-YEARS --RSA 384-Bit Key 470 MIPS-YEARS - Open Key Algorithm is first in 1976 at the time of Diffie and Hellman (Hellman) at Stanford University at the time of 1976. (NEW DIRECTION IN CRYPTOGRAPHY). However, the most popular RSA is constructed by the first letter from the name of the number of mathematicrs in this algorithm, respectively. The initial philosophy and goal development of the RSA algorithm is to address the problem of utilizing public channel transmission distribution using the secret key of the DES algorithm. The actual results not only solved this problem well; can also use RSA to complete the electronic Digital signature delegation and reliance against the electronic communication; at the same time, it can also use digital signatures to discover the illegal tampering of the partner to protect the integrity of the data information. 4. Attack the RSA key: - Secret Key length: 100 200 300 500 750 1000 - Time: 30 seconds 3 days 9 years 1 MJ for 2X109 6X 1015 - When the key length is greater than 512, it is impossible to break the key with personal life.
5. According to the US (Wall Street), the Manager Anil Pereira, Manager, Verisign (a Information Confidential Security Company), pointed out that DES encryption to cracked a secret key with 128-bit DES encryption is more than cracking a secret key. DES encryption is difficult to encryption of 40 in length is 300x1042 times (300 septillion times). That is to say, if the PC of the 300MC Pentium CPU is broken down to 3 hours, then take a 128-bit DES encryption with the same PC to take 900 x 1042 hours. This is impossible to do in a living year. There is currently no reports of hundreds of people using hundreds of large computers to use Internet distribution to break 128 DES encryption. But you can affirm that this practice spended for ordinary regular density, it is definitely worthless. 6. In addition, based on the attack results of the 1997 technical statistical analysis, JALAL Feghhi et al., September 1998, DES encrypted anti-attacks were given: (picking free TALAL Feghhi, Jalil Feghhi, Peter Willians "Digital Certificates" Page 51 of the book, the book is published by Canada from the Canada) Personal Attack Group Attacking Institute, School Network Attack Big Company Military Intelligence Agency 40 (BITS) number few days in the number of hours a few milliseconds microseconds 56 hundred years Ten years of hours a few hours a few days for thousands of years for several hundred years, and the number of minutes. 80 cannot be impossible. It cannot be impossible for hundreds of years. 128 It is impossible to not be impossible.
The attacker in the above table is equipped with the following computer resources.
Attacker type The computer resource equipped with a key number of keys per second personal attack 1 high-performance table-type computer and its software 217-224 group attack 16 high performance table-type computers and its software 221-224, school network Attack 256 high-performance table-type computers and its software 225-228 large companies worthy of $ 1 million hardware 243 military intelligence agencies with hardware and advanced attack technology worth 1 million US dollars 255
Note: The 99-year technology is expected to increase by about 200 times in 1997.
- Based on modern cryptography and its cryptographic system (different from traditional algorithm or password), the key to confidentiality is how to protect the key; and how the critical key is how to get the key. Because of a good modern cryptographic algorithm, in the case where the key is long enough, even if the person invented the algorithm, if he does not get the key. He is that it is extremely difficult to add the algorithm that uses his own inventive algorithm to add secret. There is also a problem that is more relatively easy to calculate in e-commerce. Note: Public Index (Encryption Index) EE = (65537) 10 = 216 1 = (100000000000001) 2 20 = 1 21 = 2 210 = 1024 ≌1 × 103 211 = 2048 ≌2 × 103 212 = 4096 ≌ 4 × 103 213 = 8192 ≌8 × 103 214 = 16384 ≌1.6 × 104 215 = 32768 ≌ 3.2 × 104 216 = 65536 ≌ 6.6 × 104 232 = 216. 216 ≌ 6.62 × 108 ≌4.4 × 109 264 = 232. 232 ≌4.42 × 1018 ≌1.9 × 1019 2128 = 264. 264 ≌1.92 × 1019 × 1019 ≌3.6 × 1038 2192 = 2128. 264 ≌3.6 × 1038 × 1057 2256 ≌6.8 × 1057 2256 = 2128. 2128 ≌3.62 × 1076 ≌1.3 × 1077 2384 = 2192 × 2192≌6.8 × 6.8 × 10114 ≌4.6 × 10115 2512 = 2256. 2256 ≌1.3 × 1.3 × 10154 ≌ 1.7 × 10154 2640 = 2512. 2128 ≌3.6 × 1.7 × 1038 154 ≌6.1 × 10192 2768 = 2640. 2128 ≌6.1 × 3.6 × 10192 38 ≌2.2 × 10231 2896 = 2768. 2128 ≌2.2 × 3.6 × 10231 38 ≌8.0 × 10269 21024 = 2512. 2512 ≌1.7 × 1.7 × 10154 154 ≌2.9 × 10308 21536 = 21024 . 2512 ≌2.9 × 1.7 × 10308 154 ≌ 4.9 × 10462 22048 = 21024. 21024 ≌2.92 × 10308 308 ≌ 8.4 × 10616 US collection, selection next century password algorithm standard AES
- April 15, 1997, the US National Standards and Technology Institute (NIST) initiating the activity of the AES (Advanced Encryption Standard) password algorithm. Notices of the AES candidate algorithm were issued in the Federal Registry (FR) in September 1997. The basic technical requirements for AES have been proposed, that is, the candidate algorithm is fast than triple DES, which is as safe as triple DES, the length of 128 bits, the key length is 128, 192, and 256 bits. - In August 1998, Nist convened the first AES candidate meeting to announce a number of discussion results of 15 candidate algorithms. As the first round of evaluation ended April 15, 1999. The second round of evaluation will be selected from 15 candidate algorithms, and finally an algorithm is selected as a formal AES standard in these five preferred algorithms, which is planned to be officially introduced in 2001. - 15 candidate algorithms are: 5 from the United States (HPC, MARS, RC6, Safert and Twofish); 2 from Canada (CAST-256 and REAL); Australia (Lok197), Belgium, Costa Rica ( Frog), France (DFC); Magenta, Japan (EZ), South Korea (Crypton) and Norwegian (SERPENT). For more details on AES, please refer to:
- Qingshan "Core-Password Algorithm and Security Agreement" and Fan Yuan Shu and other "comprehensive analysis of the AES algorithm" in October 1999, "China Computer Society Information Confidential Professional Committee" ". - A: http://www.sina.com.cn 1999/11/26 11:28 ZDNET China Recently, the minimum digital signature standard will be launched, and the launch of this standard will facilitate the promotion of Europe Internet electronic trade. (Reuters) - Addition: White House approves an exit key length of encryption software - [ChinaByte comprehensive message] US government recently approved the US Network Associates company can export its encryption software that meets PGP standards, The Network Alliance is excited to say that the government has a great significance of "epoch-making". --PGP is the abbreviation of "pretty good privacy", is a public code encryption program developed by Philip Zimmermann using the RSA algorithm. Network Alliance Company said, according to the export license issued by the US government, in the future it will be unrestricted to extends more than 128 bytes of export key lengths in most countries in the world. However, the company did not further illustrate other details or additional conditions of the license, but only explained that White House did not relieve export restrictions on Cuba and Iraq. - The Gionton government announced a request for the revision of the US existing encryption software export law last month. This draft draft has greatly relaxed the restrictions on US enterprises export encryption software products, but some of them have been criticized by the US Congress. The network alliance company official said that although this law has not yet obtained the final pass, the White House issued an export license to "specify the direction".
