cryptix.provider.cipher
Class DES

java.lang.Object
  |
  +--xjava.security.IJCE_Traceable
        |
        +--xjava.security.Cipher
              |
              +--cryptix.provider.cipher.DES
All Implemented Interfaces:
Parameterized, SymmetricCipher

public final class DES
extends Cipher
implements SymmetricCipher

DES is a block cipher with an 8 byte block size. The key length is 8 bytes, but only 56 bits are used as the parity bit in each byte is ignored.

This algorithm has been seriously analysed over the last 30 years, and no significant weaknesses have been reported. Its only known flaw is that the key length of 56 bits makes it relatively easy to brute-force it.

To overcome this near-fatal flaw, it is recommended that DES be used in Triple DES mode. The JCA algorithm name for the recommended form of Triple DES is "DES-EDE3/CBC", which is implemented by the DES_EDE3 and CBC DES was written by IBM and first released in 1976. The algorithm is freely usable for both single and triple encryption.

References:

  1. Bruce Schneier, "Chapter 12 Data Encryption Standard," Applied Cryptography, 2nd edition, John Wiley & Sons, 1996.

  2. NIST FIPS PUB 46-2 (supercedes FIPS PUB 46-1), "Data Encryption Standard", U.S. Department of Commerce, December 1993.
    http://www.itl.nist.gov/div897/pubs/fip46-2.htm

Copyright © 1997 Systemics Ltd on behalf of the Cryptix Development Team.
All rights reserved.

$Revision: 1.6 $

Since:
Cryptix 2.2.2
Author:
Systemics Ltd, Geoffrey Keating (this Java implementation), Eric Young, David Hopwood, Raif S. Naffah, John F. Dumas (jdumas@zgs.com)

Fields inherited from class xjava.security.Cipher
DECRYPT, ENCRYPT, UNINITIALIZED
 
Fields inherited from class xjava.security.IJCE_Traceable
tracing
 
Constructor Summary
DES()
          Constructs a DES cipher object, in the UNINITIALIZED state.
 
Method Summary
(package private) static void ()
           
 java.lang.Object clone()
          Always throws a CloneNotSupportedException (cloning of ciphers is not supported for security reasons).
 int[] crypt3(int E0, int E1)
          Implements the Unix crypt(3) algorithm.
protected  void des(byte[] in, int inOffset, byte[] out, int outOffset, boolean encrypt)
          Encrypts/decrypts a block, of length BLOCK_SIZE.
 int engineBlockSize()
          SPI: Returns the length of an input block, in bytes.
 void engineInitDecrypt(java.security.Key key)
          SPI: Initializes this cipher for decryption, using the specified key.
 void engineInitEncrypt(java.security.Key key)
          SPI: Initializes this cipher for encryption, using the specified key.
protected  int engineUpdate(byte[] in, int inOffset, int inLen, byte[] out, int outOffset)
          SPI: This is the main engine method for updating data.
protected  void finalize()
          Cleans up resources used by this instance, if necessary.
static LinkStatus getLinkStatus()
          Gets an object representing the native linking status of this class.
static void main(java.lang.String[] argv)
          Entry point for self_test.
 
Methods inherited from class xjava.security.Cipher
blockSize, crypt, crypt, crypt, doFinal, doFinal, doFinal, doFinal, engineCiphertextBlockSize, engineCrypt, engineGetParameter, engineInBufferSize, engineOutBufferSize, enginePlaintextBlockSize, engineSetPaddingScheme, engineSetParameter, getAlgorithm, getAlgorithms, getAlgorithms, getCiphertextBlockSize, getInputBlockSize, getInstance, getInstance, getInstance, getMode, getOutputBlockSize, getPadding, getPaddingScheme, getParameter, getPlaintextBlockSize, getProvider, getState, inBufferSize, inBufferSizeFinal, initDecrypt, initEncrypt, isPaddingBlockCipher, outBufferSize, outBufferSizeFinal, setParameter, toString, update, update, update, update
 
Methods inherited from class xjava.security.IJCE_Traceable
disableTracing, enableTracing, traceMethod, traceResult, traceResult, traceVoidMethod
 
Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, wait, wait, wait
 

Constructor Detail

DES

public DES()
Constructs a DES cipher object, in the UNINITIALIZED state. This calls the Cipher constructor with implBuffering false, implPadding false and the provider set to "Cryptix".
Method Detail

getLinkStatus

public static LinkStatus getLinkStatus()
Gets an object representing the native linking status of this class.

static void ()

finalize

protected final void finalize()
Cleans up resources used by this instance, if necessary.
Overrides:
finalize in class java.lang.Object

clone

public final java.lang.Object clone()
                             throws java.lang.CloneNotSupportedException
Always throws a CloneNotSupportedException (cloning of ciphers is not supported for security reasons).
Overrides:
clone in class Cipher
Following copied from class: xjava.security.Cipher
Throws:
java.lang.CloneNotSupportedException - if the cipher is not cloneable.

engineBlockSize

public int engineBlockSize()
SPI: Returns the length of an input block, in bytes.
Overrides:
engineBlockSize in class Cipher
Returns:
the length in bytes of an input block for this cipher.

engineInitEncrypt

public void engineInitEncrypt(java.security.Key key)
                       throws java.security.InvalidKeyException
SPI: Initializes this cipher for encryption, using the specified key.
Overrides:
engineInitEncrypt in class Cipher
Parameters:
key - the key to use for encryption.
Throws:
java.security.InvalidKeyException - if one of the following occurs:
  • key.getEncoded() == null;
  • The length of the user key array is not KEY_LENGTH.

engineInitDecrypt

public void engineInitDecrypt(java.security.Key key)
                       throws java.security.InvalidKeyException,
                              CryptixException
SPI: Initializes this cipher for decryption, using the specified key.
Overrides:
engineInitDecrypt in class Cipher
Parameters:
key - the key to use for decryption.
Throws:
java.security.InvalidKeyException - if one of the following occurs:
  • key.getEncoded() == null;
  • The length of the user key array is not KEY_LENGTH.

engineUpdate

protected int engineUpdate(byte[] in,
                           int inOffset,
                           int inLen,
                           byte[] out,
                           int outOffset)
SPI: This is the main engine method for updating data.

in and out may be the same array, and the input and output regions may overlap.

Overrides:
engineUpdate in class Cipher
Parameters:
in - the input data.
inOffset - the offset into in specifying where the data starts.
inLen - the length of the subarray.
out - the output array.
outOffset - the offset indicating where to start writing into the out array.
Returns:
the number of bytes written.
Throws:
CryptixException - if the native library is being used, and it reports an error.

des

protected void des(byte[] in,
                   int inOffset,
                   byte[] out,
                   int outOffset,
                   boolean encrypt)
Encrypts/decrypts a block, of length BLOCK_SIZE.
Parameters:
in - an array containing the input block
inOffset - the starting offset of the input block
out - an array containing the output block
inOffset - the starting offset of the output block
encrypt - true to encrypt, false to decrypt

crypt3

public int[] crypt3(int E0,
                    int E1)
Implements the Unix crypt(3) algorithm.

This method is intended only for use by the class cryptix.tools.UnixCrypt, and should not be used directly by applications.

Parameters:
E0 - first 32 bits of input.
E1 - second 32 bits of input.

main

public static void main(java.lang.String[] argv)
Entry point for self_test.