日期:2009-03-07  浏览次数:20846 次

这是摘自清华BBS的一篇文章,洋文的,小弟把它翻成中文请各位高手指点。
分号(;)后的话是小弟的翻译,井号(#)后的是小弟的一点感想。


How to implement the
Data Encryption Standard (DES)

A step by step tutorial
Version 1.2


The Data Encryption Standard (DES) algorithm, adopted by the U.S.
government in 1977, is a block cipher that transforms 64-bit data blocks
under a 56-bit secret key, by means of permutation and substitution. It
is officially described in FIPS PUB 46. The DES algorithm is used for
many applications within the government and in the private sector.

This is a tutorial designed to be clear and compact, and to provide a
newcomer to the DES with all the necessary information to implement it
himself, without having to track down printed works or wade through C
source code. I welcome any comments.
Matthew Fischer <mfischer@heinous.isca.uiowa.edu>

;上面是介绍,我就不翻了。 ;)


Here's how to do it, step by step:

1 Process the key.
;生成密钥

1.1 Get a 64-bit key from the user. (Every 8th bit is considered a
parity bit. For a key to have correct parity, each byte should contain
an odd number of "1" bits.)
;从用户处得到一个64位的密钥。(每8位一组,每组的第8位是校验位。如果校验
正确,每个字节应该有一个为1的

1.2 Calculate the key schedule.
;计算密钥表

1.2.1 Perform the following permutation on the 64-bit key. (The parity
bits are discarded, reducing the key to 56 bits. Bit 1 of the permuted
block is bit 57 of the original key, bit 2 is bit 49, and so on with bit
56 being bit 4 of the original key.)
;对64位的密钥进行如下的置换。(去掉校验位,密钥的实际长度是56位。置换后的
;第一位是原密钥的第57位,第二位是原第49位,第五十六位就是原来密钥的第4位。)
# 古怪的置换,哪位大哥能写出算式?
# 好象是分成两部
# for(j=57;j<64;j++)
# {
# for(i=j;i<0;i-=8)
# {
# if(k=28)
# break;
# c[k]=i;
# k++;
# }
# 这是前28位,不知道对不对?请指正。


Permuted Choice 1 (PC-1)

57 49 41 33 25 17 9
1 58 50 42 34 26 18
10 2 59 51 43 35 27
19 11 3 60 52 44 36
63 55 47 39 31 23 15
7 62 54 46 38 30 22
14 6 61 53 45 37 29
21 13 5 28 20 12 4

1.2.2 Split the permuted key into two halves. The first 28 bits are
called C[0] and the last 28 bits are called D[0].
;把置换后的密钥分为C[0] 和D[0]两部分,各28位。

1.2.3 Calculate the 16 subkeys. Start with i = 1.
;计算16个子密钥,从i=1开始。

1.2.3.1 Perform one or two circular left shifts on both C[i-1] and
D[i-1] to get C[i] and D[i], respectively. The number of shifts per
iteration are given in the table below.
;分别对C[i-1]和D[i-1]进行左移一到两位的位移操作,得到C[i]和D[i]。每次
;位移数目如下:
# 共16次

Iteration # 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
Left Shifts 1 1 2 2 2 2 2 2 1 2 2 2 2 2 2 1

1.2.3.2 Permute the concatenation C[i]D[i] as indicated below. This
will yield K[i], which is 48 bits long.
;如下表,改变C[i]和D[i]的排列,得到48位长的k[i]。
# 不懂 :(
# 是不是丢掉了某些位?

Permuted Choice 2 (PC-2)

14 17 11 24 1 5
3 28 15 6 21 10
23 19 12 4 26 8
16 7 27 20 13 2
41 52 31 37 47 55
30 40 51 45 33 48
44 49 39 56 34 53
46 42 50 36 29 32

1.2.3.3 Loop back to 1.2.3.1 until K[16] has been calculated.
;重复 1.2.3.1 开始的过程,算出16个字密钥。

2 Process a 64-bit data block.
;处理一个64位的数据块。

2.1 Get a 64-bit data block. If the block is shorter than 64 bits, it
should be padded as appropriate for the application.
;获取一个64位的数据块。如果数据块不到64位,就补足64位。
# 可能是用0补吧。

2.2 Perform the following permutation on the data block.
;对数据块进行如下置换。
# 又是分成两部分进行,先是偶数位。
# 比较简单,算式就不写了。

Initial Permutation (IP)

58 50 42 34 26 18 10 2
60 52 44 36 28 20 12 4
62 54 46 38 30 22 14 6
64 56 48 40 32 24 16 8
57 49 41 33 25 17 9 1
59 51 43 35 27 19 11 3
61 53 45 37 29 21 13 5
63 55 47 39 31 23 15 7

2.3 Split the block into two halves. The first 32 bits are called