Symmetric encryption based on data encryption and decryption - DES & TDES ( ECB or CBC )

Reprinted from
http://blog.sina.com.cn/s/blog_4c7ab7a601009884.html
http://www.blogjava.net/amigoxie/archive/2014/07/06/415503.html
http://www.hankcs.com /security/des-algorithm-illustrated.htmlThis

    article is to solve data encryption - the problem of data complement, the two modes of DES algorithm ECB and CBC problems and a more secure algorithm - 3DES algorithm.

    1. Data Complement
    DES Data encryption and decryption is to encrypt or decrypt data by DES according to an 8-byte segment to obtain a segment of 8-byte ciphertext or plaintext. The last segment is less than 8 bytes, and 8 bytes are supplemented as required. (usually add 00 or FF, depending on actual requirements) to calculate, and then connect the calculated data together in order.
The question here is why do we need to fill in data? The main reason is that the DES algorithm requires data to be 8 bytes in encryption and decryption.

    2. ECB mode
    DES ECB (electronic cipher book mode) is actually very simple, that is, encrypt or decrypt the data by DES according to an 8-byte segment to obtain a segment of 8-byte ciphertext or plaintext, and the last segment is less than 8 bytes. Complement 8 bytes according to the requirements for calculation, and then connect the calculated data together in sequence, and each segment of data does not affect each other.

    3. CBC mode
DES CBC (ciphertext block chaining method) is a bit troublesome, and its implementation mechanism makes the encrypted segments of data connected. The mechanism of its realization is as follows: The
encryption steps are as follows:
    1) First, group the data into groups of 8 bytes to obtain D1D2...Dn (if the data is not an integer multiple of 8, fill in with the specified PADDING data)
    2) The first group of data D1 and initialization vector The result after I XOR is encrypted by DES to obtain the first group of ciphertext C1 (initialization vector I is all zeros)
    3) The second group of data D2 and the encrypted result C1 of the first group are XORed and then encrypted by DES to obtain the first group of data D2. The data after the two sets of ciphertexts C2
    4) and so on, get Cn
    5) connected in sequence as C1C2C3...Cn is the encryption result.
   
    Decryption is the inverse process of encryption. The steps are as follows:
    1) First, group the data into groups of 8 bytes to obtain C1C2C3...Cn
    2) Decrypt the first group of data and perform XOR with the initialization vector I Obtain the first set of plaintext D1 (note: must be decrypted first and then XOR)
    3) Decrypt the second set of data C2 and XOR with the first set of ciphertext data to obtain the second set of data D2
    4) And so on , get Dn
    5) connect in sequence as D1D2D3...Dn is the decryption result.
Note here that the result of decryption is not necessarily our original encrypted data, it may also contain the bits that you supplemented, and you must remove the bits to be your original data.

    4. 3DES Algorithm
    The 3DES algorithm, as its name implies, is the 3-time DES algorithm. The algorithm principle is as follows:
    Let Ek() and Dk() represent the encryption and decryption process of the DES algorithm, K represents the key used by the DES algorithm, P represents the plaintext, and C represents the In this way, the

      3DES encryption process is: C=Ek3(Dk2(Ek1(P)))
      The 3DES decryption process is: P=Dk1((EK2(Dk3(C)))
    where K1=K3, but not K1=K2=K3 (if they are equal, it becomes a DES algorithm)
3DES with 2 diffrent keys (K1= K3), which can be 3DES-CBC or 3DES-ECB. The entire algorithm of 3DES-CBC is the same as DES-CBC, but an XOR operation step is added to the original encryption or decryption. The key used is 16-byte key, divide the key into two parts: left 8 bytes and right 8 bytes, namely k1=left 8 bytes, k2=right 8 bytes, and then perform encryption and
    decryption operations. 3 different keys, the process is exactly the same as 3DES-CBC, but the key used is 24 bytes, but the key used in each encryption, decryption and encryption is different, and the key is divided into 3 segments of 8 bytes. The keys are respectively key 1, key 2, and key 3. In 3DES encryption, key 1, key 2, and key 3 are used in sequence for encryption, decryption, and encryption, and in 3DES decryption, the key is used in sequence for decryption, encryption, and decryption. 3. Key 2, Key 1.