Data Encryption Standard [L1 ]
Man page for Unix des command:
User Commands DES(1)
des - DES file encryption
des -e|-d [-h] [-k key] [-b]
des is a filter that encrypts or decrypts standard input to standard output with the Data Encryption Standard (DES). Either -e (encrypt) or -d (decrypt) must be specified. If the key is not given on the command line with the -k option the command will prompt for it twice, suppressing echo and comparing the two responses to guard against mistyping. The -h flag controls how the key string is to be inter- preted. Without the -h flag, the key is an ASCII string. Since DES ignores the low order bit of each key byte, the high order bit is set for odd parity, thus retaining the information contained in the low order bit. If the -h flag is set, the key string is interpreted as 16 hex/ASCII char- acters; the low order bit of each byte is again ignored as per the DES algorithm. This allows the use of any arbitrary 56-bit key, including bytes representing control characters that could not be typed if the -h option were not used. By default, DES Cipher Block Chaining (CBC) mode is used, with an initial vector (IV) of all zeros; if the -b option is specified, Electronic Code Book (ECB) mode is used instead. Except for the -h option, this command is compatible with the des command on the Sun Microsystems workstation.
Sun Microsystems DES(1) manual page, which describes in detail how the length of the file is encoded in the last block of ciphertext.
Phil Karn, KA9Q Last change: 24 March 1987 1