3DES

3DES

3DES(或稱為Triple DES)是三重數據加密算法(TDEA,Triple Data Encryption Algorithm)塊密碼的通稱。它相當於是對每個數據塊套用三次DES加密算法。由於計算機運算能力的增強,原版DES密碼的密鑰長度變得容易被暴力破解;3DES即是設計用來提供一種相對簡單的方法,即通過增加DES的密鑰長度來避免類似的攻擊,而不是設計一種全新的塊密碼算法。3DES算法是指使用雙長度(16位元組)密鑰K=(KL||KR)將8位元組明文數據塊進行3次DES加密、解密的。

加密過程

3DES加密過程為:C=Ek3(Dk2(Ek1(P)))

3DES解密過程為:P=Dk1((EK2(Dk3(C)))

具體的加/解密過程如圖所示。

using System;

using System.Text;

using System. IO;

using System.Security.Cryptography;

class Class1

{

static void Main()

{

Console.WriteLine("Encrypt String...");

txtKey = "tkGGRmBErvc=";

btnKeyGen();

Console.WriteLine("Encrypt Key :{0}",txtKey);

txtIV = "Kl7ZgtM1dvQ=";

btnIVGen();

Console.WriteLine("Encrypt IV :{0}",txtIV);

Console.WriteLine();

string txtEncrypted = EncryptString("1111");

Console.WriteLine("Encrypt String : {0}",txtEncrypted);

string txtOriginal = DecryptString(txtEncrypted);

Console.WriteLine("Decrypt String : {0}",txtOriginal);

}

private static SymmetricAlgorithm mCSP;

private static string txtKey;

private static string txtIV;

private static void btnKeyGen()

{

mCSP = SetEnc();

byte[] byt2 = Convert.FromBase64String(txtKey);

mCSP.Key = byt2;

}

private static void btnIVGen()

{

byte[] byt2 = Convert.FromBase64String(txtIV);

mCSP.IV = byt2;

}

private static string EncryptString(string Value)

{

ICryptoTransform ct;

MemoryStream ms;

CryptoStream cs;

byte[] byt;

ct = mCSP.CreateEncryptor(mCSP.Key, mCSP.IV);

byt = Encoding.UTF8.GetBytes(Value);

ms = new MemoryStream();

cs = new CryptoStream(ms, ct, CryptoStreamMode.Write);

cs.Write(byt, 0, byt.Length);

cs.FlushFinalBlock();

cs.Close();

return Convert.ToBase64String(ms.ToArray());

}

private static string DecryptString(string Value)

{

ICryptoTransform ct;

MemoryStream ms;

CryptoStream cs;

byte[] byt;

ct = mCSP.CreateDecryptor(mCSP.Key, mCSP.IV);

byt = Convert.FromBase64String(Value);

ms = new MemoryStream();

cs = new CryptoStream(ms, ct, CryptoStreamMode.Write);

cs.Write(byt, 0, byt.Length);

cs.FlushFinalBlock();

cs.Close();

return Encoding.UTF8.GetString(ms.ToArray());

}

private static SymmetricAlgorithm SetEnc()

{

return new DESCryptoServiceProvider();

}

}

K1、K2、K3決定了算法的安全性,若三個密鑰互不相同,本質上就相當於用一個長為168位的密鑰進行加密。多年來,它在對付強力攻擊時是比較安全的。若數據對安全性要求不那么高,K1可以等於K3。在這種情況下,密鑰的有效長度為112位。

DES算法

3DES算法是指使用雙長度(16位元組)密鑰K=(KL||KR)將8位元組明文數據塊進行3次DES加密/解密。如下所示:

Y = DES( KL[DES-1( KR[DES( KL[X] )] )] )

解密方式為:

X = DES-1( KL[DES( KR[DES-1( KL[Y] )] )] )

其中,DES( KL[X] )表示用密鑰K對數據X進行DES加密,DES-1( KR[Y] )表示用密鑰K對數據Y進行解密。

SessionKey的計算採用3DES算法,計算出單倍長度的密鑰。表示法為:SK = Session(DK,DATA)

3DES加密算法為:

VOID 3DES(BYTE DoubleKeyStr, BYTE Data, BYTE Out)

{

BYTE Buf1, Buf2;

DES (&DoubleKeyStr, Data, Buf1);

UDES(&DoubleKeyStr, Buf1, Buf2);

DES (&DoubleKeyStr, Buf2, Out);

}

加密實例

Java語言

1

2

3

4

5

6

7

8

9

10

11

12

13

14

15

16

17

18

19

20

21

22

23

24

25

26

27

28

29

30

31

32

33

34

35

36

37

38

39

40

41

42

43

44

45

46

47

48

49

50

51

52

53

54

55

56

57

58

59

60

61

62

63

64

65

66

67

68

69

70

71

72

73

74

75

76

77

78

79

80

81

82

83

84

85

86

87

88

89

90

/*字元串 DESede(3DES) 加密*/

//註:百度代碼識別BUG,代碼中空格屬全形。拷貝代碼之後請自行修改。

import java.security.Security;

import javax.crypto.Cipher;

import javax.crypto.SecretKey;

import javax.crypto.spec.SecretKeySpec;

public class DES3 {

private static final String Algorithm = "DESede"; // 定義 加密算法 ,可用

// DES,DESede,Blowfish

// keybyte為加密 密鑰 ,長度為24位元組

// src為被加密的 數據緩衝區 (源)

public static byte[] encryptMode(byte[] keybyte, byte[] src) {

try {

// 生成密鑰

SecretKey deskey = new SecretKeySpec(keybyte, Algorithm);

// 加密

Cipher c1 = Cipher.getInstance(Algorithm);

c1.init(Cipher.ENCRYPT_MODE, deskey);

return c1.doFinal(src);

} catch (java.security.NoSuchAlgorithmException e1 ) {

e1.printStackTrace();

} catch (javax.crypto.NoSuchPaddingException e2) {

e2.printStackTrace();

} catch (java.lang.Exception e3) {

e3.printStackTrace();

}

return null;

}

// keybyte為加密密鑰,長度為24位元組

// src為加密後的緩衝區

public static byte[] decryptMode(byte[] keybyte, byte[] src) {

try {

// 生成密鑰

SecretKey deskey = new SecretKeySpec(keybyte, Algorithm);

// 解密

Cipher c1 = Cipher.getInstance(Algorithm);

c1.init(Cipher.DECRYPT_MODE, deskey);

return c1.doFinal(src);

} catch (java.security.NoSuchAlgorithmException e1) {

e1.printStackTrace();

} catch (javax.crypto.NoSuchPaddingException e2) {

e2.printStackTrace();

} catch (java.lang.Exception e3) {

e3.printStackTrace();

}

return null;

}

// 轉換成 十六進制 字元串

public static String byte2hex(byte[] b) {

String hs = "";

String stmp = "";

for (int n = 0; n < b.length; n++) {

stmp = (java.lang.Integer.toHexString(b[n] & 0XFF));

if (stmp.length() == 1) {

hs = hs + "0" + stmp;

} else {

hs = hs + stmp;

}

if (n < b.length - 1) {

hs = hs + ":";

}

}

return hs.toUpperCase();

}

public static void main (String[] args) {

// 添加新安全算法,如果用JCE就要把它添加進去

Security.addProvider(new com.sun.crypto.provider.SunJCE());

final byte[] keyBytes = {0x11, 0x22, 0x4F, 0x58, (byte) 0x88, 0x10,

0x40, 0x38, 0x28, 0x25, 0x79, 0x51, (byte) 0xCB, (byte) 0xDD,

0x55, 0x66, 0x77, 0x29, 0x74, (byte) 0x98, 0x30, 0x40, 0x36,

(byte) 0xE2}; // 24位元組的密鑰

String szSrc = "This is a 3DES test . 測試";

System.out.println("加密前的字元串:" + szSrc);

byte[] encoded = encryptMode(keyBytes, szSrc.getBytes());

System.out.println("加密後的字元串:" + new String(encoded));

byte[] srcBytes = decryptMode(keyBytes, encoded);

System.out.println("解密後的字元串:" + (new String(srcBytes)));

}

}

相關詞條

相關搜尋

熱門詞條

聯絡我們