/* * Data Encryption Standard 768 * DES-768 by Alexander Pukall 2014 * * 768-bit keys with 16 * 48-bit subkeys * * Based on DES by NIST and Daniel Huertas Gonzalez * * Same speed as DES-56 but with 768-bit keys * * Uses MD2II hash function to create the 16 subkeys * * Code free for all, even for commercial software * No restriction to use. Public Domain * * Compile with gcc: gcc des768.c -o des768 * */ #include #include #include #define n1 96 /* 768-bit DES key for 16 * 48-bit subkeys */ int x1,x2,i; unsigned char h2[n1]; unsigned char h1[n1*3]; static void init() { x1 = 0; x2 = 0; for (i = 0; i < n1; i++) h2[i] = 0; for (i = 0; i < n1; i++) h1[i] = 0; } static void hashing(unsigned char t1[], size_t b6) { static unsigned char s4[256] = { 13, 199, 11, 67, 237, 193, 164, 77, 115, 184, 141, 222, 73, 38, 147, 36, 150, 87, 21, 104, 12, 61, 156, 101, 111, 145, 119, 22, 207, 35, 198, 37, 171, 167, 80, 30, 219, 28, 213, 121, 86, 29, 214, 242, 6, 4, 89, 162, 110, 175, 19, 157, 3, 88, 234, 94, 144, 118, 159, 239, 100, 17, 182, 173, 238, 68, 16, 79, 132, 54, 163, 52, 9, 58, 57, 55, 229, 192, 170, 226, 56, 231, 187, 158, 70, 224, 233, 245, 26, 47, 32, 44, 247, 8, 251, 20, 197, 185, 109, 153, 204, 218, 93, 178, 212, 137, 84, 174, 24, 120, 130, 149, 72, 180, 181, 208, 255, 189, 152, 18, 143, 176, 60, 249, 27, 227, 128, 139, 243, 253, 59, 123, 172, 108, 211, 96, 138, 10, 215, 42, 225, 40, 81, 65, 90, 25, 98, 126, 154, 64, 124, 116, 122, 5, 1, 168, 83, 190, 131, 191, 244, 240, 235, 177, 155, 228, 125, 66, 43, 201, 248, 220, 129, 188, 230, 62, 75, 71, 78, 34, 31, 216, 254, 136, 91, 114, 106, 46, 217, 196, 92, 151, 209, 133, 51, 236, 33, 252, 127, 179, 69, 7, 183, 105, 146, 97, 39, 15, 205, 112, 200, 166, 223, 45, 48, 246, 186, 41, 148, 140, 107, 76, 85, 95, 194, 142, 50, 49, 134, 23, 135, 169, 221, 210, 203, 63, 165, 82, 161, 202, 53, 14, 206, 232, 103, 102, 195, 117, 250, 99, 0, 74, 160, 241, 2, 113}; int b1,b2,b3,b4,b5; b4=0; while (b6) { for (; b6 && x2 < n1; b6--, x2++) { b5 = t1[b4++]; h1[x2 + n1] = b5; h1[x2 + (n1*2)] = b5 ^ h1[x2]; x1 = h2[x2] ^= s4[b5 ^ x1]; } if (x2 == n1) { b2 = 0; x2 = 0; for (b3 = 0; b3 < (n1+2); b3++) { for (b1 = 0; b1 < (n1*3); b1++) b2 = h1[b1] ^= s4[b2]; b2 = (b2 + b3) % 256; } } } } static void end(unsigned char h4[n1]) { unsigned char h3[n1]; int i, n4; n4 = n1 - x2; for (i = 0; i < n4; i++) h3[i] = n4; hashing(h3, n4); hashing(h2, sizeof(h2)); for (i = 0; i < n1; i++) h4[i] = h1[i]; } #define LB32_MASK 0x00000001 #define LB64_MASK 0x0000000000000001 #define L64_MASK 0x00000000ffffffff #define H64_MASK 0xffffffff00000000 /* Initial Permutation Table */ static char IP[] = { 58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4, 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8, 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3, 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7 }; /* Inverse Initial Permutation Table */ static char PI[] = { 40, 8, 48, 16, 56, 24, 64, 32, 39, 7, 47, 15, 55, 23, 63, 31, 38, 6, 46, 14, 54, 22, 62, 30, 37, 5, 45, 13, 53, 21, 61, 29, 36, 4, 44, 12, 52, 20, 60, 28, 35, 3, 43, 11, 51, 19, 59, 27, 34, 2, 42, 10, 50, 18, 58, 26, 33, 1, 41, 9, 49, 17, 57, 25 }; /*Expansion table */ static char E[] = { 32, 1, 2, 3, 4, 5, 4, 5, 6, 7, 8, 9, 8, 9, 10, 11, 12, 13, 12, 13, 14, 15, 16, 17, 16, 17, 18, 19, 20, 21, 20, 21, 22, 23, 24, 25, 24, 25, 26, 27, 28, 29, 28, 29, 30, 31, 32, 1 }; /* Post S-Box permutation */ static char P[] = { 16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10, 2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25 }; /* The S-Box tables */ static char S[8][64] = {{ /* S1 */ 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7, 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8, 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0, 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13 },{ /* S2 */ 15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10, 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5, 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15, 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9 },{ /* S3 */ 10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8, 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1, 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7, 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12 },{ /* S4 */ 7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15, 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9, 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4, 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14 },{ /* S5 */ 2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9, 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6, 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14, 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3 },{ /* S6 */ 12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11, 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8, 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6, 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13 },{ /* S7 */ 4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1, 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6, 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2, 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12 },{ /* S8 */ 13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7, 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2, 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8, 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11 }}; /* * The DES function * input: 64 bit message * key: 64 bit key for encryption/decryption * mode: 'e' = encryption; 'd' = decryption */ uint64_t des(uint64_t input, unsigned char key[n1], char mode ) { int i, j; /* 8 bits */ char row, column; /* 28 bits */ uint32_t C = 0; uint32_t D = 0; /* 32 bits */ uint32_t L = 0; uint32_t R = 0; uint32_t s_output = 0; uint32_t f_function_res = 0; uint32_t temp = 0; /* 48 bits */ uint64_t sub_key[16] = {0}; uint64_t s_input = 0; /* 64 bits */ uint64_t init_perm_res = 0; uint64_t inv_init_perm_res = 0; uint64_t pre_output = 0; /* initial permutation */ for (i = 0; i < 64; i++) { init_perm_res <<= 1; init_perm_res |= (input >> (64-IP[i])) & LB64_MASK; } L = (uint32_t) (init_perm_res >> 32) & L64_MASK; R = (uint32_t) init_perm_res & L64_MASK; /* 16 subkeys */ for (i = 0; i< 16; i++) { sub_key[i] = 0; for (j = 0; j < 6; j++) sub_key[i]=(sub_key[i]<<8)+(key[(i*6)+j]&0xff); } for (i = 0; i < 16; i++) { /* print 16 subkeys */ /* printf("sub_key[%d]=%012llX\n",i,sub_key[i]); */ /* f(R,k) function */ s_input = 0; for (j = 0; j< 48; j++) { s_input <<= 1; s_input |= (uint64_t) ((R >> (32-E[j])) & LB32_MASK); } /* * Encryption/Decryption * XORing expanded Ri with Ki */ if (mode == 'd') { // decryption s_input = s_input ^ sub_key[15-i]; } else { // encryption s_input = s_input ^ sub_key[i]; } /* S-Box Tables */ for (j = 0; j < 8; j++) { // 00 00 RCCC CR00 00 00 00 00 00 s_input // 00 00 1000 0100 00 00 00 00 00 row mask // 00 00 0111 1000 00 00 00 00 00 column mask row = (char) ((s_input & (0x0000840000000000 >> 6*j)) >> 42-6*j); row = (row >> 4) | row & 0x01; column = (char) ((s_input & (0x0000780000000000 >> 6*j)) >> 43-6*j); s_output <<= 4; s_output |= (uint32_t) (S[j][16*row + column] & 0x0f); } f_function_res = 0; for (j = 0; j < 32; j++) { f_function_res <<= 1; f_function_res |= (s_output >> (32 - P[j])) & LB32_MASK; } temp = R; R = L ^ f_function_res; L = temp; } pre_output = (((uint64_t) R) << 32) | (uint64_t) L; /* inverse initial permutation */ for (i = 0; i < 64; i++) { inv_init_perm_res <<= 1; inv_init_perm_res |= (pre_output >> (64-PI[i])) & LB64_MASK; } return inv_init_perm_res; } void main() { unsigned char text[33]; /* up to 256 chars for the password */ /* password can be hexadecimal */ uint64_t input; /* DES block plaintext */ uint64_t result; /* ciphertext or plaintext after decryption */ unsigned char h4[n1]; printf("DES-768 by Alexander PUKALL 2014 \n Data Encryption Standard with 768-bit subkeys \n"); printf("Code can be freely use even for commercial software\n"); printf("Based on DES by NIST and Daniel Huertas Gonzalez\n"); printf("Same speed as DES-56 but with 768-bit keys\n\n"); /* The key creation procedure is slow, it only needs to be done once */ /* as long as the user does not change the key. You can encrypt and decrypt */ /* as many blocks as you want without having to hash the key again. */ /* init(); hashing(text,length); end(h4); -> only once */ /* Encryption 1 */ input = 0xFEFEFEFEFEFEFEFE; /* DES block plaintext */ init(); strcpy((char *) text,"My secret password!0123456789abc"); hashing(text, 32); end(h4); /* h4 = 768-bit key from hash "My secret password!0123456789abc */ printf("Key 1:%s\n",text); printf ("Plaintext 1: %016llX\n", input); result = des(input, h4, 'e'); printf ("Encryption 1: %016llX\n", result); result = des(result, h4, 'd'); printf ("Decryption 1: %016llX\n", result); /* Encryption 2 */ input = 0x0000000000000000; /* DES block plaintext */ init(); strcpy((char *) text,"My secret password!0123456789ABC"); hashing(text, 32); end(h4); /* h4 = 768-bit key from hash "My secret password!0123456789ABC */ printf("\nKey 2:%s\n",text); printf ("Plaintext 2: %016llX\n", input); result = des(input, h4, 'e'); printf ("Encryption 2: %016llX\n", result); result = des(result, h4, 'd'); printf ("Decryption 2: %016llX\n", result); /* Encryption 3 */ input = 0x0000000000000001; /* DES block plaintext */ init(); strcpy((char *) text,"My secret password!0123456789abZ"); hashing(text, 32); end(h4); /* h4 = 768-bit key from hash "My secret password!0123456789abZ */ printf("\nKey 3:%s\n",text); printf ("Plaintext 3: %016llX\n", input); result = des(input, h4, 'e'); printf ("Encryption 3: %016llX\n", result); result = des(result, h4, 'd'); printf ("Decryption 3: %016llX\n", result); } /* Key 1:My secret password!0123456789abc Plaintext 1: FEFEFEFEFEFEFEFE Encryption 1: 132A9C171B8DEFAA Decryption 1: FEFEFEFEFEFEFEFE Key 2:My secret password!0123456789ABC Plaintext 2: 0000000000000000 Encryption 2: E61943AF1BF022DE Decryption 2: 0000000000000000 Key 3:My secret password!0123456789abZ Plaintext 3: 0000000000000001 Encryption 3: 87DE95F3CDC529F0 Decryption 3: 0000000000000001 */