to see a pure-Tcl implementation of a DES (just 56-bit encryption) go [http://loewerj.freeshell.org/des.tcl]. <== [RJ] 02/16/04 This is a dead link <== Read about DES in the Handbook of Applied Cryptography [http://www.cacr.math.uwaterloo.ca/hac/] Chapter 7 [http://www.cacr.math.uwaterloo.ca/hac/about/chap7.pdf] http://www.queuecard.com/docs/RSA_faq.pdf is a large FAQ on cryptography. This is part of [tcllib]. to encrypt do: package require des DES::GetKey -encrypt encryptKeysArray # or DES::GetKey -encryptVNC encryptKeysArray set encryptedBlock [DES::DoBlock encryptKeysArray] ... to decrypt do: package require des DES::GetKey -decrypt decryptKeysArray set plainText [DES::DoBlock decryptKeysArray] ... I did a pure-tcl implementation of Eric Young's fast version some years ago. The recent developement of [TkVNC] (pure-Tcl as well) and the missing authentication, leads me to release the code. Unfortunately, I recognize that the [VNC] implementation generates the key vector out of the key/password slightly different. So I reimplemented another, more readable version, whichs allows standard and VNC mode easily to be switched. I still have the old version around. [Jochen Loewer] ---- [Pascal Scheffers]: Nice work! Before adding this to tcllib, though, it would be reasonably important to not only provide methods for ECB, but also for CBC, CFB and OFB. As these last are the ones actually used by most protocols. And while you're at it maybe 2-key 3des. EBC is very interesting for academic purposes, but should be avoided if possible - if only this ends up in tcllib a lot of people will have a Warm, Fuzzy, ''False'' Sense of Security when they start using ECB encryption. Normal users should have a higher level interface. package require des DES::GetKey -encrypt encryptKeysArray set myPlainText {An arbitrary amount of text you would normally use} set myCipherText [DES::DoOFB $myPlainText encryptKeysArray] Have you run the code against a DES test set? [PS] adds - I have started a description of [block cipher modes] for those interested. And for DES specifically FIPS 81 [http://www.itl.nist.gov/fipspubs/fip81.htm] ---- [PT] writes: [aku] posted me his Trfcrypt des test file and I have modified this into a tcllib style test suite. I also added a wrapper proc so it looks a bit like the other packages in tcllib. That is: set cryptotext [DES::des -mode encode -key $secret $plaintext] set plaintext [DES::des -mode decode -key $secret $cryptotext] Using this function it passes the tests so - provided it gets some documentation this can go into tcllib. Perhaps it should wait until one of the other cipher modes has been added in though. I can see why ECB isn't suitable as you can get it to produce repeating blocks given homogenous input. [PT] writes on 11Feb03: This package is now part of [tcllib]. It has '''not''' been added to the main makefile and shouldn't be until it does some mode other than ECB. ---- '''Weak Keys''' The highlevel methods should prevent the use of these weak keys (throw an error?). Low level methods should not have this restriction. Keys which considered weak are: * 0000000 0000000 * 0000000 FFFFFFF * FFFFFFF 0000000 * FFFFFFF FFFFFFF Some pairs of keys encrypt plaintext to identical ciphertext. These semi weak keys are: * 01FE01FE01FE01FE and FE01FE01FE01FE01 * 1FE01FE00EF10EF1 and E01FE01FF10EF10E * 01E001E001F101F1 and E001E001F101F101 * 1FFE1FFE0EFE0EFE and FE1FFE1FFE0EFE0E * 011F011F010E010E and 1F011F010E010E01 * E0FEE0FEF1FEF1FE and FEE0FEE0FEF1FEF1 There are also 48 keys which produce only four distinct subkeys (instead of 16) - these are called possibly weak keys. We can safely ignore these. ---- '''Performance''' A simple benchmark, testing encryption+decryption of 100.000 bytes: package require des set k [binary format H* 86A560F10EC6D85B] #make a 100.000 bytes long msg: for { set x 0 } { $x < 10000 } {incr x } { append msg "1234567890" } puts "Size: [string length $msg]" puts [time { set c [DES::des -mode encode -key $k $msg] set p [DES::des -mode decode -key $k $c] } 1] Results: Tcl 8.4.1 Pentium IV 1800Mhz: 8.3 seconds (linux, ActiveTcl) Pentium III 930Mhz: 35 seconds (linux, ActiveTcl) See here for [ActiveTcl]. Tcl 8.3.4 Pentium III 930Mhz: 27 seconds (linux, redhat) AMD K6-400Mhz: 52 seconds (linux, redhat) 23jan03 [jcw] - Here's an example of the "Ghz trap": Both based on Tcl 8.4.1 (Tclkit Nov 2002): Pentium IV 2400Mhz: 6.2 seconds (linux) PowerPC G4 1000Mhz: 10.8 seconds (macosx) ---- [Mac Cody]: Having been summarily thrust into the "me too" catagory, I'll let you know I'm about to release a pure-Tcl implementation of DES as well. TclDES performs both DES and 3DES (triple-DES) encryption/decryption. It supports both Electronic Code Block (ECB) and Cipher Block Chaining (CBC) modes of operation. I would have released it back last year, but time and other commitments have prevented me from doing so. Right now, I'm trying to get an opinion from the U.S. Bureau of Industry and Security on whether I can get an export license exception TSU (Technology and software unrestricted). The Export Administration Regulations (EAR) and the Wassenaar Agreements are not 100% clear on releasing 3DES. I also have a version of the code, with the 3DES capabilities stripped out, called TclDESjr. It can be freely circulated. - updated January 23, 2003. [Mac Cody]: UPDATE - TclDES 0.5 and TclDESjr 0.5 are now available at [http://www.sourceforge.net/projects/tcldes]. The TclDES home page is at [http://tcldes.sourceforge.net]. - update March 8, 2003. [AK]: Nice. The last two modes officially specified modes are CFB and OFB = Cipher/Output FeedBack. [Mac Cody]: UPDATE - TclDES 0.6 and TclDESjr 0.6 now support CFB and OFB as well! - September 9, 2003. [Mac Cody]: UPDATE - TclDES 0.8 and TclDESjr 0.8 has been released. With TclDES 0.8, the initialization vector used in DES CBC, OFB, and CFB modes is now passed by reference (i.e. variable name) rather than by value. This allows for the CBC mode to supports ciphertext block feed-forward from procedure call to procedure call. The encryption of a message can now be split between multiple invocations of the procedure. This also applies for the OFB and CFB modes with the feedback block. The feedback facility provided in TclDES 0.7 has been removed and is now deprecated. As a result, the programming interface has changed slightly for TclDES 0.8. In addition the des::createKeys procedure now checks for DES weak keys, forcing an error if the submitted key matches one of them. The TclDES distribution now contains the document "A Guide To TclDES". This document provides an overview of the DES and 3DES algorithms, the various modes of operation for DES/3DES, and installation and usage instructions for the TclDES library. - October 27, 2004. ---- [[ [Category Package] | [Category Cryptography] ]]