des算法密码多长_密码学中的多个DES
des算法密码多长
This is a DES that was susceptible to attacks due to tremendous advances in computer hardware in cryptography. Hence, it was a very complex or competent algorithm it would be feasible to reuse DES rather than writing an of cryptography.
由于加密技术中计算机硬件的巨大进步,这是一种易于受到攻击的DES 。 因此,这是一个非常复杂或称职的算法,重用DES而不是编写加密算法是可行的。
Required to this variation of DES were introduced known as multiple DES which was as follows as Shown:
引入这种DES变体所需的称为多重DES ,如下所示:
1)双DES (1) Double DES)
Mainly, Double DES is simple as it does that normal DES does. Double DES uses twp keys to say K1 and K2 in this algorithm. It first performs DES on the original plain text using K! to get the encrypted text in cryptography. Here, it again performs DES on the encrypted text but this time with the other key K2 in this algorithm.
主要是, Double DES很简单,就像普通DES一样。 在此算法中,双DES使用twp键表示K1和K2。 它首先使用K对原始纯文本执行DES! 以加密方式获取加密的文本。 在这里,它再次对加密的文本执行DES,但是这次使用该算法中的另一个密钥K2。
Firstly, the final output is the encryption of encrypted text with the original plain text encrypted twice with two different keys shown in the structure as given below:
首先,最终输出是加密的文本的加密,原始的纯文本用两个不同的密钥加密了两次,结构如下所示:
While the doubly encrypted ciphertext block is first decrypted using the key K2 to produce singly encrypted ciphertext by plaintext or original text. Hence, this ciphertext block is then decrypted using the key K1 to obtain the original plain text block in cryptography.
首先使用密钥K2对双重加密的密文块进行解密,以通过明文或原始文本生成单一加密的密文。 因此,然后使用密钥K1对该密文块进行解密以获得密码术中的原始明文块。
Mainly, the cryptanalysis for the basic version of DES requires a search of 256 thus the assumption is Double DES require 2128 keys which is not true for the message.
主要是,对DES基本版本的密码分析需要搜索256,因此假设Double DES需要2128个密钥,这对于消息而言是不正确的。
Here, a Meet-in-the-middle attack is the drawback of double DES in this. Mainly, this attack involves encryption from one end, decryption from the other and matching the results in the middle hence the name in the message.
在此,中间相遇攻击是双重DES的缺点。 主要是,这种攻击涉及从一端进行加密,从另一端进行解密以及在中间匹配结果,从而在消息中使用名称。
Therefore, the simplest form of multiple encryptions has two encryption stages and two keys in this. Here, given a plaintext P and two encryption keys K1 and K2, ciphertext C is created as: C = E(K2, E(K1, P))
因此,多重加密的最简单形式具有两个加密阶段和两个密钥。 在此,给定明文P和两个加密密钥K1和K2 ,将密文C创建为: C = E( K2 ,E( K1 ,P))
Then, Decryption requires that the keys be applied in reverse order as: P = D(K1, D(K2, C))
然后,解密要求以相反的顺序应用密钥,例如: P = D( K1 ,D( K2 ,C))
Now, For DES, this scheme involves a key length of 56 * 2 = 112 bits, resulting in a dramatic increase in cryptographic strength in this. Further, but we need to examine the algorithm more closely for this.
现在,对于DES,此方案涉及56 * 2 = 112位的密钥长度,从而导致加密强度显着提高。 此外,但是我们需要对此进行更仔细的研究。
2)三重DES (2) Triple DES)
Here, to improve the security of DES to a higher level triple DES was proposed in this. While this uses three stages on DES for encryption and decryption in cryptography.
在此,为了提高DES的安全性,提出了三重DES。 虽然这在DES上使用三个阶段来进行加密中的加密和解密。
There basically of two versions of triple-DES are as given:
基本上有两种版本的三重DES :
i. Triple DES with Two Keys
一世。 两键三重DES
While in triple DES with two keys there are only two keys K1 used by the first and third stages and K2 used in the second stage in this. Basically, first, the plain text is encrypted with key K1 then the output of step one is decrypted with K2 and final the output second step is encrypted again with key K1 in cryptography.
在具有两个密钥的三重DES中,第一级和第三级仅使用两个密钥K1 ,第二级中仅使用两个密钥K2 。 基本上,首先,用密钥K1加密纯文本,然后用K2解密步骤1的输出,最后再用密钥K1再次加密输出的第二步。
It is also called encrypt decrypt encrypt (ECE) mode in cryptography. Hence, Triple DES with two keys is not susceptible to the meet-in-the-middle attack in cryptography.
在密码学中,它也称为加密解密解密(ECE)模式。 因此,具有两个密钥的三重DES不会受到密码学中的中间相遇攻击。
ii. Triple DES with Three Keys
ii。 三键三键DES
It basically had the idea of Triple-DES with three keys:
它基本上具有使用三个密钥的Triple-DES的想法:
While the plain text block P is first encrypted with a key K1 then encrypts with a second key K2 and finally with a third key K3 where K1, K2, and K3 are all different from each other in this algorithm. This is Decryption is done in reverse order in this way. Therefore, this algorithm is mostly used in PGP and S/MIME in cryptography.
虽然首先使用密钥K1加密纯文本块P ,然后使用第二密钥K2加密,最后使用第三密钥K3加密,其中该算法中的K1 , K2和K3都互不相同。 这就是解密以这种方式以相反的顺序完成。 因此,此算法主要用于密码学中的PGP和S / MIME。
Therefore, the DES cipher's key size of multiple of 56 bits of the message was generally enough when that algorithm was designed but the availability of increasing computational power made brute force attacks feasible in this algorithm. Thus, the Triple-DES provides a relatively simple method of increasing the key size of DES to secure against such attacks like that, without the need to design a completely new block cipher algorithm by this technique in cryptography.
因此,当设计该算法时,消息的56位的DES密码的密钥大小通常就足够了,但是计算能力的提高使暴力攻击在该算法中可行。 因此,Triple-DES提供了一种相对简单的方法来增加DES的密钥大小,以防止类似的攻击,而无需通过这种技术在密码学中设计一种全新的分组密码算法。
MEET-IN-THE-MIDDLE ATTACK
遇见中间攻击
Therefore, the use of double DES results in a mapping that is not equivalent to a single DES encryption in cryptography. Hence, but there is a way to attack this scheme, one that does not depend on any particular property of DES but that will work against any block encryption cipher in cryptography.
因此,使用双DES会导致映射不等同于密码学中的单个DES加密。 因此,但是有一种方法可以攻击这种方案,该方案不依赖于DES的任何特定属性,但是可以与密码学中的任何块加密密码一起工作。
Therefore, the algorithm known as a meet-in-the-middle attack was first described in [DIFF77]. It is based on the observation that we can say if we have it
因此,在[DIFF77]中首先描述了称为中间相遇攻击的算法。 基于观察,我们可以说是否拥有
Here, it has given a known pair, (P, C), the attack proceeds as follows as see. Firstly, encrypt P for all 256 possible values of K1 in this. While storing these results in a table and then sort the table by the values of X. Next, decrypt C using all 256 possible values of K2 in cryptography. Therefore, as each decryption is produced, check the result against the table for a match by this. Either if a match occurs, then test the two resulting keys against a new known-plaintext–ciphertext pair in cryptography. Hence, if the two keys produce the correct ciphertext, accept them as the correct keys in this algorithm.
在这里,它给出了一个已知的对(P,C) ,攻击如下所示进行。 首先,在此为K1的所有256个可能值加密P。 将这些结果存储在表中后,再按X的值对表进行排序。 接下来,使用密码学中K2的所有256个可能值解密C。 因此,随着每次解密的进行,以此将结果对照表进行核对。 如果发生匹配,则针对密码学中新的已知明文-密文对测试两个结果密钥。 因此,如果两个密钥产生正确的密文,则在此算法中将它们接受为正确的密钥。
For Example, for any given plaintext or original text P, 264 possible ciphertext values could be produced by double DES in this. This was Double DES uses, in effect, a 112-bit key, so that there are 2112 possible keys apply to messages. Therefore, on mean, for a given plaintext or original text P, the number of different 112-bit keys that will produce a given ciphertext as C is given: 2112/264 = 248
例如,对于任何给定的明文或原始文本P ,在此可以通过双DES产生264个可能的密文值。 实际上,这是Double DES使用的112位密钥,因此有2112种可能的密钥适用于消息。 因此,平均而言,对于给定的纯文本或原始文本P,给出将产生给定密文作为C的不同112位密钥的数目: 2112/264 = 248
While, the foregoing procedure will produce about 248 false alarms on the first (P, C) pair in this. Therefore, a similar argument indicates that with an additional 64 bits of known plaintext and ciphertext, the false alarm rate is reduced to 248 - 64 = 2 - 16 in mathematics. While putting another way, if the meet-in-the-middle attack is performed on two blocks of known plaintext–ciphertext, the probability that the correct keys are determined is 1 - 2 - 16 in this way. Thus, the result is that a known-plaintext attack will succeed against double DES, which has a key size of 112 bits, with an effort on the order of 256, which is not much more than the 255 required for single DES in cryptography.
同时,上述过程将在此第一对(P,C)上产生约248个错误警报。 因此,类似的论点表明,在已知的明文和密文有另外的64位的情况下,错误警报率在数学上降低为248-64 = 2-16。 换句话说,如果对已知的明文-密文的两个块执行中间相遇攻击,则以这种方式确定正确密钥的可能性为1-2-16。 因此,结果是,已知的明文攻击将成功抵御密钥大小为112位的双DES,而付出的努力约为256,这不超过密码术中单个DES所需的255。
Image source: https://www.tutorialspoint.com/cryptography/triple_des.htm
图片来源: https : //www.tutorialspoint.com/cryptography/triple_des.htm
翻译自: https://www.includehelp.com/cryptography/multiple-des.aspx
des算法密码多长