DES(2)                        System Calls Manual                       DES(2)



NAME
       setupDESstate, des_key_setup, block_cipher, desCBCencrypt,
       desCBCdecrypt, desECBencrypt, desECBdecrypt, des3CBCencrypt,
       des3CBCdecrypt, des3ECBencrypt, des3ECBdecrypt, key_setup, des56to64,
       des64to56, setupDES3state, triple_block_cipher - single and triple
       digital encryption standard

SYNOPSIS
       #include <u.h>
       #include <libc.h>
       #include <mp.h>
       #include <libsec.h>

       void des_key_setup(uchar key[8], ulong schedule[32])

       void block_cipher(ulong *schedule, uchar *data, int decrypting)

       void setupDESstate(DESstate *s, uchar key[8], uchar *ivec)

       void desCBCencrypt(uchar *p, int len, DESstate *s)

       void desCBCdecrypt(uchar *p, int len, DESstate *s)

       void desECBencrypt(uchar *p, int len, DESstate *s)

       void desECBdecrypt(uchar *p, int len, DESstate *s)

       void triple_block_cipher(ulong  expanded_key[3][32], uchar text[8], int
            ende)

       void setupDES3state(DES3state *s, uchar key[3][8], uchar *ivec)

       void des3CBCencrypt(uchar *p, int len, DES3state *s)

       void des3CBCdecrypt(uchar *p, int len, DES3state *s)

       void des3ECBencrypt(uchar *p, int len, DES3state *s)

       void des3ECBdecrypt(uchar *p, int len, DES3state *s)

       void key_setup(uchar[7], ulong[32])

       void des56to64(uchar *k56, uchar *k64)

       void des64to56(uchar *k64, uchar *k56)

DESCRIPTION
       The Digital Encryption Standard (DES) is a shared-key or symmetric
       encryption algorithm using either a 56-bit key for single DES or three
       56-bit keys for triple DES.  Each key is encoded into 64 bits, where
       every eighth bit is a parity bit.

       The basic DES function, block_cipher, works on a block of 8 bytes,
       converting them in place.  It takes a key schedule, a pointer to the
       block, and a flag indicating encrypting (0) or decrypting (1).  The key
       schedule is created from the key using des_key_setup.

       Since it is a bit awkward, block_cipher is rarely called directly.
       Instead, one normally uses routines that encrypt larger buffers of data
       and which may chain the encryption state from one buffer to the next.
       These routines keep track of the state of the encryption using a
       DESstate structure that contains the key schedule and any chained
       state.  SetupDESstate sets up the DESstate structure using the key and
       an 8-byte initialization vector.

       Electronic code book mode, using desECBencrypt and desECBdecrypt, is
       the less secure mode.  The encryption of each 8 bytes does not depend
       on the encryption of any other, so identical plaintext blocks always
       produce identical ciphertext blocks.  Hence the encryption is a
       substitution cipher using 64-bit characters.

       Cipher block chaining mode, using desCBCencrypt and desCBCdecrypt, is
       more secure.  Every block encrypted depends on the initialization
       vector and all blocks encrypted before it.

       For both CBC and ECB modes, a stream of data can be encrypted as
       multiple buffers.  However, all buffers except the last must be a
       multiple of 8 bytes to ensure successful decryption of the stream.
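
       The ECB and CBC behaviour and the multi-buffer chaining described
       above, as an added example that is not part of the original manual
       page or of libsec.  It is portable C with a toy 4-round Feistel cipher
       standing in for DES; ToyState, the toy_* functions and the demo key
       and IV are assumptions made for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Stand-in 64-bit block cipher (NOT DES): a 4-round Feistel network, here only so
 * the mode logic runs without libsec. ToyState is a hypothetical analogue of DESstate. */
typedef struct { uint32_t rk[4]; uint8_t ivec[8]; } ToyState;
static const uint8_t demo_key[8] = {1, 2, 3, 4, 5, 6, 7, 8};  /* constructed */
static const uint8_t demo_iv[8] = {9, 8, 7, 6, 5, 4, 3, 2};   /* constructed */
static uint32_t f(uint32_t x, uint32_t k) { x += k; x ^= (x << 13) | (x >> 19); return x * 2654435761u; }
static void toy_block(const ToyState *s, uint8_t *b) {   /* encrypts 8 bytes in place */
    uint32_t l, r, t; memcpy(&l, b, 4); memcpy(&r, b + 4, 4);
    for (int i = 0; i < 4; i++) { t = r; r = l ^ f(r, s->rk[i]); l = t; }
    memcpy(b, &l, 4); memcpy(b + 4, &r, 4);
}
void toy_setup(ToyState *s, const uint8_t key[8], const uint8_t *ivec) {
    for (int i = 0; i < 4; i++) s->rk[i] = (key[i] | key[i + 4] << 8) * 0x01010101u + i;
    memcpy(s->ivec, ivec, 8);
}
/* Same (p, len, state) argument shape as the page's routines; whole blocks only here. */
void toy_ecb_encrypt(uint8_t *p, int len, ToyState *s) { for (; len >= 8; p += 8, len -= 8) toy_block(s, p); }
void toy_cbc_encrypt(uint8_t *p, int len, ToyState *s) {
    for (; len >= 8; p += 8, len -= 8) {
        for (int i = 0; i < 8; i++) p[i] ^= s->ivec[i];
        toy_block(s, p);
        memcpy(s->ivec, p, 8);   /* chained state carries into the next call */
    }
}
/* 1 if two identical plaintext blocks encrypt to identical ciphertext blocks. */
int repeats_leak(int use_cbc) {
    ToyState s; uint8_t m[16];
    memcpy(m, "SAMEBLK!SAMEBLK!", 16);   /* constructed sample */
    toy_setup(&s, demo_key, demo_iv);
    if (use_cbc) toy_cbc_encrypt(m, 16, &s); else toy_ecb_encrypt(m, 16, &s);
    return memcmp(m, m + 8, 8) == 0;
}
/* 1 if a 24-byte stream encrypted as buffers of 8 + 16 equals one 24-byte call. */
int split_matches_whole(void) {
    ToyState a, b; uint8_t x[24], y[24];
    for (int i = 0; i < 24; i++) x[i] = y[i] = (uint8_t)i;
    toy_setup(&a, demo_key, demo_iv); toy_setup(&b, demo_key, demo_iv);
    toy_cbc_encrypt(x, 24, &a);
    toy_cbc_encrypt(y, 8, &b); toy_cbc_encrypt(y + 8, 16, &b);
    return memcmp(x, y, 24) == 0;
}
int main(void) {
    printf("ECB repeats visible: %d, CBC: %d, split == whole: %d\n",
           repeats_leak(0), repeats_leak(1), split_matches_whole());
    return 0;
}
```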

       There  are  equivalent  triple-DES (DES3-EDE) functions for each of the
       DES functions.

       In the past, Plan 9 used a 56-bit or 7-byte format for DES keys.  To be
       compatible  with  the  rest  of the world, we've abandoned this format.
       There are two functions, des56to64 and des64to56, to convert  back  and
       forth  between the two formats.  Also a key schedule can be set up from
       the 7-byte format using key_setup.

SOURCE
       /sys/src/libsec

SEE ALSO
       mp(2),  aes(2),  blowfish(2),  dsa(2),  elgamal(2),   rc4(2),   rsa(2),
       sechash(2), prime(2), rand(2)
       Breaking DES, Electronic Frontier Foundation, O'Reilly, 1998

BUGS
       Single  DES  can be realistically broken by brute-force; its 56-bit key
       is just too short.  It should not be used in  new  code,  which  should
       probably use aes(2) instead, or at least triple DES.


