,,,
, XX , XXI . . , .
. , . , , , [1] . , , , . .
[2]. , . , , , .. , , , .
.
, , .
rypton, .
:
- Crypton.
- Crypton.
- Crypton.
rypton .
" " Crypton, - (). , , , .
1.
1.1
. () .
, , , . ,
Z=EnCrypt(X,Key) X=DeCrypt(Z,Key)[3]
Key . (X) (Z) , , .
, [4]. . , , , . .
[5], [6]. , , , . 1/2 , N 2N-1 . , . , , 1 1 , 128 1021 . , , , , .
, . , , . , . , , . , .
, Z=EnCrypt(X,Key) :
- EnCrypt .
- X Z, Key.
- Key X Z, .
, . , , , , . , , 32- 0..4'294'967'295. , , " ", ( 32- 2 0..65535 4 0..255). 1.1 ( ):
V :
- (, X'=X+125)
- , (, X'=X+F(Key))
- , (, X2'=X2+F(X1))
1.1 .
, (. Feistel).
, V F "-" . (1999 ) . - , , ( ) .
. . , , () . , . X Key.
( ), , , Vi(Key) , . , . , , . (. caching) . (. key scheduling)
1.2
1.2.1 Rijndael
, [7],[8]. : 8- 64-, , , , , 32 ( ). / , , .
[9],[10], Rijndael .
Rijndael , . 128, 192 256 .
, (State).
. 4 , Nb , 32.
. Nk , 32. 1.4.
1.4. (Nb=6) (Nk=4).
4- . 4 , ( ) 1.4 [11].
(" ", ECB) a0,0, a1,0, a3,0, a0,1, a1,1, a3,1 ,a4,1 ... .
Nr Nb Nk. 1.2
1.2 (Nr) .
. - :
Round (State, RoundKey)
{
ByteSub(State); //
ShiftRow(State); //
MixColumn(State); //
AddRoundKey(State, RoundKey); //
}
. :
FinalRound(State, RoundKey)
{
ByteSub(State); //
ShiftRow(State); //
AddRoundKey(State, RoundKey); //
}
, "" - Round, ByteSub .. , (.. State, RoundKey) .
, . .
ByteSub , . ( S-) :
1. - GF(28), '00' .
2. ( GF(2)), :
. 1.3.
S- ByteSub(State). 1.5 ByteSub .
1.5 ByteSub .
3 . 1 1 , 2 - 2 3 - 3 . 1, 2 3 Nb. 1.4.
1.4. .
3 ShiftRow(State). 1.5 .
1.5 ShiftRow .
(MixColumn) GF(28) x4+1 c(x), :
c(x)='03' x3 + '01' x2 + '01' x + '02'(1.8)
. b(x)=c(x)a(x),
. 1.6
MixColumn(State). 1.7 MixColumn .
1.7 MixColumn .
EXOR. (key schedule). Nb.
, EXOR , AddRoundKey(State, RoundKey). 1.8.
1.8.
EXOR .
. : (Key Expansion) (Round Key Selection).
:
- , 1 (, 128 10 1408 ).
- (Expanded Key).
- : Nb , - Nb ..
4- W[Nb*(Nr+1)]. Nk .
. Nk: Nk 6 Nk 6.
Nk<6 Nk=6 :
KeyExpansion(CipherKey,W)
{
for (i = 0; i < Nk; i++) W[i] = CipherKey[i];
for (j = Nk; j < Nb*(Nk+1); j+=Nk)
{
W[j] = W[j-Nk] ^ SubByte( Rotl( W[j-1] ) ) ^ Rcon[j/Nk];
for (i = 1; i < Nk && i+j < Nb*(Nr+1); i++)
W[i+j] = W[i+j-Nk] ^ W[i+j-1];
}
}
, Nk . W[i] EXOR W[i-1] Nk W[i-Nk]. , Nk, EXOR W[i-1], . , Rotl, SubByte - .
Nk>6 :
KeyExpansion(CipherKey,W)
{
for (i=0; i<Nk; i++) W[i]=CipherKey[i];
for (j=Nk; j<Nb*(Nk+1); j+=Nk)
{
W[j] = W[j-Nk] ^ SubByte(Rotl(W[j-1])) ^ Rcon[j/Nk];
for (i=1; i<4; i++) W[i+j] = W[i+j-Nk] ^ W[i+j-1];
W[j+4] = W[j+4-Nk] ^ SubByte(W[j+3]);
for (i=5; i<Nk; i++) W[i+j] = W[i+j-Nk] ^ W[i+j-1];
}
}
Nk>6 SubByte 4- Nk.
Nk :
Rcon[i] = ( RC[i], '00' , '00' , '00' ),
RC[0]='01', RC[i]=xtime(Rcon[i-1])
i- W[Nb*i] W[Nb(i+1)]. 1.9
1.9 Nb=6 Nk=4.
W[Nb*(Nr+1)]. , , Nk . Rijndael :
- ;
- Nr-1 ;
- .
- :
Rijndael (State, CipherKey)
{
KeyExpansion(CipherKey, ExpandedKey); //
AddRoundKey(State, ExpandedKey); //
For ( i=1 ; i<Nr ; i++) Round(State,ExpandedKey+Nb*i); //
FinalRound(State, ExpandedKey+Nb*Nr); //
}
, Rijndael :
Rijndael (State, CipherKey)
{
AddRoundKey(State, ExpandedKey);
For ( i=1 ; i<Nr ; i++) Round(State,ExpandedKey+Nb*i);
FinalRound(State, ExpandedKey+Nb*Nr);
}
. .
1.2.2 DEAL
DEAL (Data Encryption Algorithm with Larger blocks - ) 128- 128, 192 256 , DEAL-128, DEAL-192 DEAL-256 [12]. DES'a. DEAL ECB. = () DES 64- , Y = EAZ(X) DEAL 128- X Z. Pi 128 , P = P1, P2, , n. r DES RKi, i = 1, , r, . XL XR X . - . X0L = PiL, X0R = iR j= 1, ,r
XjL=ERKj(XLj-1) XRj-1 (1.9)
XRj = XLj-1(1.10)
1.10: DEAL.
Ci =XrL ||XrR. . 1.10 DEAL. DEAL-128 DEAL-192 6 , . . r = 6. , , DEAL-256, 8 , r = 8. , 256 .
, DEAL [13]. : - i i-oro , i + 1- ( Ci Pi+l) . . . Ci . , , 6- 8- . , DES CBC. , , DES 16 . , ECB [14].
, 128 P1, P2, , Pn Ci, 2, , , - -. :
i = EAK(Ci-l Pi),(1.11)
0 - .
DES IP , - IP-1. DEAL, DES . , DEAL, IP , a IP-1 - -.
s DES, Ki, , , Ks, s = 2, 3, 4, 64 ( 8 , ), r DES, RKj. , . - s r , . DES'om CBC . - RKi. , = 0x1234 5678 90ab cdefx ( ) - DES. DEAL-128 :
RK1 = EK (1),
RK2 = EK (2 RK1),
RK3=EK(Kl (1) RK2),
RK4 = EK(2 (2) RK3),
RK5 =Ek(ki (4) RK4),
RK6 =Ek(k2 (8) RK5),(1.12)
(i) - 64- , i - 1- ( 0) , . , (1) "0x8000 0000 0000 0000".
DEAL-192 :
RK1 = EK (1),
RK2 = EK (2 RK1),
RK3=EK(K3 RK2),
RK4 =Ek(ki (1) RK3),
RK5 =Ek(k2 (2) RK4),
RK6 =(3 (4) RK5).(1.13)
6 DES 6 DES . , .
DEAL-256 :
RK1 = EK (1),
RK2=EK(2RK1),
RK3=EK(K3RK2),
RK4=Ek(K4 RK3),
RK5 =Ek(K2 (1) RK4),
RK6=EK(2 (2) RK5),
RK7 =(3 (4) RK6), RK8 =Ek(K4 (8) RK7).(1.14)
8 DES 8 DES . , .
, 64- RKi DES, RKi i- . , 64 RKi, , .
, -, , , , -, s 64 , s s 56 , , , . , DES, - - DES. , 64 , , . , , , , DEAL'y, .
(i) . , , . , DEAL-128 K1 = K2 = Dk(0) 6 0. .
, , 112, 168 224 .
DEAL ? , [15], DEAL meet-in-the-middle ( ), DES, 2168 , 2224 DEAL , . , DEAL-256 8 . DEAL-128 2112 .
DEAL ( ) - 6- , DEAL, 2121 DES, 270 , . , XOR.
DEAL.
-DEAL 128 128, 192 256 ( , , - 112, 168 224 ).
- - 264 -.
- , .
- DEAL , DES.
- DEAL .
- DEAL DES.
- .
, , , DEAL .
DEAL:
- DEAL-192 DEAL-256.
DES, 256 DEAL-192, DES, 256 DEAL-256.
- DEAL-128 , 264 .
- - (related-key attack) DEAL-192 DEAL-256, , 233 , 3*245 2137 DEAL, DEAL-192 DEAL-256. ( ).
- . DEAL-192 , (Biham's) DES; DEAL-256 , DEAL-192 [15].
, . , DEAL . DEAL AES, , . AES, " DES" DEAL .
DEAL - .
, "" DEAL 2137 DEAL, 3*245 , 233 . -.
, 3*269 , 2113 , . , (Bi ham's) DES, 233 , , 288 . , 2113 , 3*269 , , 233 , 232 , , . , 2119 , 264 270 .
: , " " (key shedule), . , , . DEAL - , . , , .
1.3 Crypton
Crypton Future Systems, 1980- . [15],[16] , SQUARE ( ). " ", (, DES CAST). - SP-, .. -, . , , , .
Crypton, Square, , , .
1.3.1 CRYPTON
CRYPTON [16] CRYPTON, 128 4´4 . CRYPTON : byte-wise substitutions( ), column-wise bit permutation( ), column-to-row transposition ( ), key addition( ). 4 . . 1.1 CRYPTON.
.1.1 CRYPTON.
CRYPTON :
- 12- ( ) 128 256 .
- .
- : ANDS/XORS, CRYPTON .
- : , , (, -).
1.3.2
1.3.2.1 g
CRYPTON , 8´8 S-, Si(0 ≤i ≤3). S- 8´8 S- S ( , S = S-1) S2=S0-1 S3=S1-1. S- S , .
S- 4´4 . : e . 1.2. , S- , 4´4 A:
go (ge (A)) = ge (go (A)) = A. (1.1)
, .
A[0] |
a03 |
a02 |
a01 |
a00 |
B[0] |
S3(a03) |
S2(a02) |
S1(a01) |
S0(a00) |
|||
A[1] |
a13 |
a12 |
a11 |
a10 |
o |
B[1] |
S0(a13) |
S3(a12) |
S2(a11) |
S1(a10) |
||
A[2] |
a23 |
a22 |
a21 |
a20 |
Þ | B[2] |
S1(a23) |
S0(a22) |
S3(a21) |
S2(a20) |
||
A[3] |
a33 |
a32 |
a31 |
a30 |
B[3] |
S2(a33) |
S1(a32) |
S0(a31) |
S3(a30) |
|||
A[0] |
a03 |
a02 |
a01 |
a00 |
B[0] |
S1(a03) |
S0(a02) |
S3(a01) |
S2(a00) |
|||
A[1] |
a13 |
a12 |
a11 |
a10 |
e |
B[1] |
S2(a13) |
S1(a12) |
S0(a11) |
S3(a10) |
||
A[2] |
a23 |
a22 |
a21 |
a20 |
Þ | B[2] |
S3(a23) |
S2(a22) |
S1(a21) |
S0(a20) |
||
A[3] |
a33 |
a32 |
a31 |
a30 |
B[3] |
S0(a33) |
S3(a32) |
S2(a31) |
S1(a30) |
.1.2 g
1.3.2.2 p t
, CRYPTON . - 4×4 - .
(M3, M2, M1, M0) , :
M0 = m3 || m2 || m1 || m0 = 0x3fcff3fc,
M1 = m0 || m3 || m2 || m1 = 0xfc3fcff3,
M2 = m1 || m0 || m3 || m2 = 0xf3fc3fcf,
M3 = m2 || m1 || m0 || m3 = 0xcff3fc3f, (1.3)
m0 = 0xfc, m1 = 0xf3, m2 = 0xcf, m3 = 0x3f. , ; e . :
- o : B = o(A) :
B[0] ß (A[3] Ù M3) Å (A[2] Ù M2) Å (A[1] Ù M1) Å (A[0] Ù M0),
B[1] ß (A[3] Ù M0) Å (A[2] Ù M3) Å (A[1] Ù M2) Å (A[0] Ù M1),
B[2] ß (A[3] Ù M1) Å (A[2] Ù M0) Å (A[1] Ù M3) Å (A[0] Ù M2),
B[3] ß (A[3] Ù M2) Å (A[2] Ù M1) Å (A[1] Ù M0) Å (A[0] Ù M3). (1.4)
- e : B=e(A) :
B[0] ß (A[3] Ù M1) Å (A[2] Ù M0) Å (A[1] Ù M3) Å (A[0] Ù M2),
B[1] ß (A[3] Ù M2) Å (A[2] Ù M1) Å (A[1] Ù M0) Å (A[0] Ù M3),
B[2] ß (A[3] Ù M3) Å (A[2] Ù M2) Å (A[1] Ù M1) Å (A[0] Ù M0),
B[3] ß (A[3] Ù M0) Å (A[2] Ù M3) Å (A[1] Ù M2) Å (A[0] Ù M1). (1.5)
4×4 , (i, j)- (j, i)- (. 1.3 B=
A[0] |
a03 |
a02 |
a01 |
a00 |
B[0] |
a30 |
a20 |
a10 |
a00 |
|||
A[1] |
a13 |
a12 |
a11 |
a10 |
| B[1] |
a31 |
a22 |
a11 |
a01 |
||
A[2] |
a23 |
a22 |
a21 |
a20 |
Þ |
B[2] |
a32 |
a22 |
a12 |
a02 |
||
A[3] |
a33 |
a32 |
a31 |
a30 |
B[3] |
a33 |
a23 |
a13 |
a03 |
. 1.3 t
1.3.2.3 s
EXOR. (key schedule).
K = (K[3], K[2], K[1], K[0])t, B = (A) B[i] = A[i] Å K[i], i = 0, 1, 2, 3.
1.3.2.4 r
CRYPTON S-, -, - . , , ( K)
roK = sK ◦ t ◦ po ◦ g o
r = 1, 3, ... etc.,(1.6)
reK = sK ◦ t ◦ pe ◦ ge for r = 2, 4, ... etc. (1.7)
1.3.3
EK r- CRYPTON K r/2 e . , .
1.3.4
R- CRYPTON 4 (r + 1) 32- . 8k (k = 0,1, ..., 32) : 8 , .
1.4
: () . () () [18]. , , . , , , , . . ( ) - (, "", ) ( ), , .
, . , , : . , , , , . , , . , , , , . , , ( ), , , ( ), ( ). , , .
() "" , , , [19]. , . . , . , .
(, ), , , , , , . , .
, , . ( , ) . , . , , . , . , .
.
[20]. , . . ( ) , . , . - -- , . , . 28147-89, DES, FEAL.
( , - , , ).
, . , . , , , , .
, , , , .
. , () , , , .
1.11 [21].
, , . , .
( ) - . ( ) Z (, ).
. 1.11
. .
1.11. . , . . , , .
:
Y = E(X), X = D(Y)(1.16)
, DE . Z. ( , , , . , . , , , ). , .
, ( ). , . , ( ), , , , , , . , . , . ( ). , , , . .
. . . . , . , . ( , , , ). , , , . , , , , .
. , , , , , . , , . "" , . . , , , , . , , "".
, .
" " ( - ). -, , . . , , , .
, . . .
, " " : , . . , , , . "" .
, . , , , . , .
, . , , . , .
1970- . , . . -, , -, . -, , , , . , , , - "", .
1970- . . -, . -, , , . , , , . , , , .
, , , . , , , , . , , .
, , , . , . , , , , , , . ( .) , , , , , .
, , , . , .
, : , , ..
, , . , , , , . , .
( RSA), , . , .
[21] () . . 1990 . - , r . , . , .
, (, , , ..), .
. , .
2 . - ( )
DES 247 .
1.5
, Crypton : ANDS/XORS, CRYPTON , , . Crypton , 12- ( ) 128 128 . 4- Crypton , .
Crypton .
2. CRYPTON
2.1 Crypton
Crypton . 128 . [22].
, (State). 16 , . . , . .
GF(28), . Z2:
,
i- (0 1).
"". Z2 (1+1=0).
. Z2
.
(Key Schedule, Key Expansion). 4 ( 4 ) (). r- 4 r- , . , :
1. BS (Byte Substitution): S ( S-, Sbox) . .
2. SR (Shift Rows): .
3. MC (Mix Columns): . , :
: .
4. KA (Key Addition): .
MC. 2 , Ar-1 Ar:
(1)
(2)
Crypton [22]. 4 .
. 4- Crypton ( Crypton 12 ) , .
.
Λ- 256 ( State), ( ), 256 . () 256 Λ-. .. : , .
Λk Λ- c k .
Pr r.
Λ- . BS KA Λ- Λ- , . SR . MC Λ- Λ- (. . Λ-). MC ( ) , .
Λ1-, . .. 256 , . . MC 4 , .. P1 Λ4. 4 4 SR, P2 Λ16. MC , 4 , . Λ- , MC .
Λ- 2 () , , , .. . , ( ) "" (.. ), , 256 , .
MC A B. , , :
, P3 Λ16, .. ( ). BS. Kr L-, :
Lr Kr, . Q4 256 : . Q4 P4 2 SR-1 MC-1 .
4- Crypton.
,
4- , P3. .
, . . , () , . , [22].
2.3
Crypton . - Intel Pentium , - Windows 95 + IE 4.0 .
:
- ;
- ;
- 128 .
:
1. ENCRDECR.EXE .2.1
2. "0" ;
3. . 2.2
2.1
2.2
4. .
:
1. ENCRDECR.EXE .2.1
2. "1" ;
3. . 2.3
2.3
5. .
:
1. ENCRDECR.EXE .2.1
2. "2" ;
3. . 2.4
2.4 .
.2.5
3.
3.1
- (). . , [23, 12, 16].
, 463 ( 242). 1 , 6 2. 2 (2 ). .
0.00-1.31-99 - 12 2 , 36 3 6 2 20 3 .
"--" ("--"), 2 " ", "" (), "" (). "" ( ) " ".
"" :
1 , ;
2 , "" -, .;
3 , ;
( ).
"" :
1 ( );
2 (, );
3 (, , ) ( 1).
1. "--"
. 1. :
1 - (1-1) ();
2 - (-1) , ( );
3 - (1-) ( );
4 - (2-) "" "" (, ) ;
5 - (-3) "" "" (, );
6 - (-1) "" "" ( );
7 - (1-) "" "" (.. , );
8 - (-1, -2, -3) "" "" ( );
9 - (1-3) (, );
10 - (1-2) ;
11 - (3-3) ;
12 - (1-1) , ( , );
13 - (1-2) ;
14 - (3-1) .
( ) (). 1. , [24] 12.0.003-74 . , , . .
:
- ;
- ;
- ;
- ;
- ;
- ;
- ;
-
- ;
- , ;
- ()
1.
1.
1 , . . .
3.2
, , 50 , 220/380 . 12.1.030-81 , , .
. , 50% . , . , . 0,1-0,2 .
, , . . 30 -85.
1 , , . 500 .
.
: , ; ; , , , .
0.00-4.12-99 [25] , , , .
. , .
. . 1 6 .
, , .
, .
0.00-4.12-99.
3.3
0.00-1.31-99 " 1" - , . 12.0.005-88, 2.
() . .
2.
, . | , % |
, / |
|
22-24 | 40-60 | 0.1 | |
23-25 | 40-60 | 0.1 |
ˠ . () , . ( ). ˠ[26].
, ,
Q = 860∙N1∙K2 ∙K2 = 860∙0,8∙0,95∙1 = 654 (/), |
(3.1) |
;
, 0.95;
, 1.
, ,
Q = 0,5∙n∙g = 0,5∙2∙120 = 120 (/), |
(3.2) |
, 2 .;
, , 1 100-125 /, 120 /.
, ,
Q = k∙ E∙ S = 0,05∙300∙24 = 360 (/), |
(3.3) |
, 300 ;
S - , 24 ..;
k ,0,05 / 2.
, , :
Q = nc∙kc∙S = 86∙6∙1,15 = 593,4 (/), |
(3.4) |
, , 86 /;
, , 1.15;
, 6 2.
Q = 654+120+360+593,4 = 1727,4 (/) 2 . | (3.5) |
L= Q∙(1/(c∙r(t t))) = 1727,4∙(1/(0,24∙ 1,29(27-18)) = 619 (3/)(3.6)
, 0.24 /;
, 1.29 / 3;
, 270;
, 180.
L. = Lrc(t- t)
L. =6191,290,24 (32-18)=2683 (3/)
SamsungAW 05EO.
( , .) [27]. 4 III . 20 2 , 1,5 2, 5 5-15 . 60 .
0.00-1.31-99. , , :
- 1 ;
- 2,5 .
2.
2. , .
2. :
1, 2 , 1,2
3.4
- , , [28]. , , :
- ;
- ;
- ;
- ;
- ;
- .
24-86, . - 2.01.02-85, -II, -87. 12.1.004-91* 2272-93 , . - . :
- ;
- ;
- ;
- .
10 , . 34.21.122-87.
, -II- IP44 IP2X . -87[29].
:
- ;
- , -2, 1 . 20 2 , ;
- ;
- 1 10 2;
- ;
- .
:
- 1,5 ;
- 2,0 ;
- 1,8 ;
- ;
- 100. :
- ;
- , .
3.5
.. , , .
3.6
.. , .
( , , , ..) . .
, - .
, , .
, , , :
- Crypton,
- Crypton,
- , Crypton .
.
C++, Borland C++ v 3.1.
:
- Crypton;
- Crypton.
:
- ;
;
- Crypton .
" " . . .
crypton
<encrdecr.cpp>
#include <stdio.h>
#include <string.h>
#include <conio.h>
#include <io.h>
#include <fcntl.h>
#include <iostream.h>
#include <sys/stat.h>
#include <stdlib.h>
#include "std_defs.h"
#include "crypton.h"
#include "atack.h"
void atack(int);
int main()
{
clrscr();
int i,q,f1,f2;
char f_nam1[111];
char f_nam2[111];
char f_nam3[111];
char w;
union
{
u1byte a1[4][4];
u4byte a4[4];
}
st,st1,st2,k;
for(i=0;i<4;i++)
k.a4[i]=0;
set_key(k.a4,128);
printf("encript/decrypt/atack(0/1/2)?");
cout<<'\n';
w=getch();
if((w!='0')&&(w!='1')&&(w!='2'))
exit(3);
if(w=='2')
{
cout<<"Enter name of atacking file"<<'\n';
gets(f_nam3);
f2=open(f_nam3,O_RDONLY|O_BINARY);
if(f2==-1)
{
close(f2);
exit(1);
}
atack(f2);
}
if(w=='0')
{
cout<<"Enter name of opening file"<<'\n';
gets(f_nam1);
cout<<"Enter name of encription file"<<'\n';
gets(f_nam2);
f1=open(f_nam1,O_RDONLY|O_BINARY);
if(f1==-1)
{ // perror(f_nam1);
puts(f_nam1);
cout<<'\n';
puts(f_nam2);
close(f1);
exit(1);
}
f2=open(f_nam2,O_WRONLY|O_CREAT|O_TRUNC|O_BINARY,S_IWRITE);
if(f2==-1)
{
close(f2);
exit(2);
}
do
{
q=read(f1,&st.a1[0][0],16);
if(q==16)
{
encrypt(st.a4, st1.a4);
write(f2,&st1.a1[0][0],16);
}
else
{
if(q>0)
{
for(i=0;i<4;i++)
st2.a4[i]=0;
for(i=0;i<q;i++)
{
st2.a1[i/4][i%4]=st.a1[i/4][i%4];
}
encrypt(st2.a4,st1.a4);
write(f2,&st1.a1[0][0],16);
}
}
}
while(q==16);
close(f1);
close(f2);
}
if(w=='1')
{
cout<<"Enter name of encription file"<<'\n';
gets(f_nam2);
cout<<"Enter name of decription file"<<'\n';
gets(f_nam3);
f1=open(f_nam2,O_RDONLY|O_BINARY);
if(f1==-1)
{
close(f1);
exit(1);
}
f2=open(f_nam3,O_WRONLY|O_CREAT|O_TRUNC|O_BINARY,S_IWRITE);
if(f2==-1)
{
close(f2);
exit(2);
}
do
{
q=read(f1,&st.a1[0][0],16);
if(q==16)
{
decrypt(st.a4, st1.a4);
write(f2,&st1.a1[0][0],16);
}
else
{
if(q>0)
{
for(i=0;i<4;i++)
st2.a4[i]=0;
for(i=0;i<q;i++)
{
st2.a1[i/4][i%4]=st.a1[i/4][i%4];
}
decrypt(st2.a4,st1.a4);
write(f2,&st1.a1[0][0],16);
}
}
}
while(q==16);
close(f1);
close(f2);
}
return 0;
}
<crypton.h>
#include "std_defs.h"
static char *alg_name[] = { "crypton", "crypton.c" };
char **cipher_name()
{
return alg_name;
}
#define gamma_tau(x,b,m,p,q) \
(x) = (((u4byte)s_box[p][byte(b[0],m)] ) | \
((u4byte)s_box[q][byte(b[1],m)] << 8) | \
((u4byte)s_box[p][byte(b[2],m)] << 16) | \
((u4byte)s_box[q][byte(b[3],m)] << 24))
#define ma_0 0x3fcff3fc
#define ma_1 0xfc3fcff3
#define ma_2 0xf3fc3fcf
#define ma_3 0xcff3fc3f
#define mb_0 0xcffccffc
#define mb_1 0xf33ff33f
#define mb_2 0xfccffccf
#define mb_3 0x3ff33ff3
#define pi(b,n0,n1,n2,n3) \
(((b)[0] & ma_##n0) ^ \
((b)[1] & ma_##n1) ^ \
((b)[2] & ma_##n2) ^ \
((b)[3] & ma_##n3))
#define phi_n(x,n0,n1,n2,n3) \
( (x) & mb_##n0) ^ \
(rotl((x), 8) & mb_##n1) ^ \
(rotl((x), 16) & mb_##n2) ^ \
(rotl((x), 24) & mb_##n3)
#define phi_00(x) phi_n(x,0,1,2,3)
#define phi_01(x) phi_n(x,3,0,1,2)
#define phi_02(x) phi_n(x,2,3,0,1)
#define phi_03(x) phi_n(x,1,2,3,0)
#define phi_10(x) phi_n(x,3,0,1,2)
#define phi_11(x) phi_n(x,2,3,0,1)
#define phi_12(x) phi_n(x,1,2,3,0)
#define phi_13(x) phi_n(x,0,1,2,3)
#define phi0(x,y) \
(y)[0] = phi_00((x)[0]); \
(y)[1] = phi_01((x)[1]); \
(y)[2] = phi_02((x)[2]); \
(y)[3] = phi_03((x)[3])
#define phi1(x,y) \
(y)[0] = phi_10((x)[0]); \
(y)[1] = phi_11((x)[1]); \
(y)[2] = phi_12((x)[2]); \
(y)[3] = phi_13((x)[3])
u1byte p_box[3][16] =
{ { 15, 9, 6, 8, 9, 9, 4, 12, 6, 2, 6, 10, 1, 3, 5, 15 },
{ 10, 15, 4, 7, 5, 2, 14, 6, 9, 3, 12, 8, 13, 1, 11, 0 },
{ 0, 4, 8, 4, 2, 15, 8, 13, 1, 1, 15, 7, 2, 11, 14, 15 }
};
u4byte tab_gen = 0;
u1byte s_box[2][256];
u4byte s_tab[4][256];
u4byte l_key[104];
u4byte *e_key = l_key + 52;
u4byte *d_key = l_key;
void gen_tab(void)
{ u4byte i, xl, xr, yl, yr;
for(i = 0; i < 256; ++i)
{
xl = (i & 0xf0) >> 4; xr = i & 15;
yr = xr ^ p_box[1][xl ^ p_box[0][xr]];
yl = xl ^ p_box[0][xr] ^ p_box[2][yr];
yr |= (yl << 4); s_box[0][i] = (u1byte)yr; s_box[1][yr] = (u1byte)i;
xr = yr * 0x01010101; xl = i * 0x01010101;
s_tab[0][ i] = xr & 0x3fcff3fc;
s_tab[1][yr] = xl & 0xfc3fcff3;
s_tab[2][ i] = xr & 0xf3fc3fcf;
s_tab[3][yr] = xl & 0xcff3fc3f;
}
};
/* initialise the key schedule from the user supplied key */
u4byte kp[4] = { 0xbb67ae85, 0x3c6ef372, 0xa54ff53a, 0x510e527f };
u4byte kq[4] = { 0x9b05688c, 0x1f83d9ab, 0x5be0cd19, 0xcbbb9d5d };
#define h0_block(n,r0,r1) \
e_key[4 * n + 8] = rotl(e_key[4 * n + 0], r0); \
e_key[4 * n + 9] = rc ^ e_key[4 * n + 1]; \
e_key[4 * n + 10] = rotl(e_key[4 * n + 2], r1); \
e_key[4 * n + 11] = rc ^ e_key[4 * n + 3]
#define h1_block(n,r0,r1) \
e_key[4 * n + 8] = rc ^ e_key[4 * n + 0]; \
e_key[4 * n + 9] = rotl(e_key[4 * n + 1], r0); \
e_key[4 * n + 10] = rc ^ e_key[4 * n + 2]; \
e_key[4 * n + 11] = rotl(e_key[4 * n + 3], r1)
u4byte *set_key(const u4byte in_key[], const u4byte key_len)
{ u4byte i, rc, t0, t1, tmp[4];
if(!tab_gen)
{
gen_tab(); tab_gen = 1;
}
e_key[2] = e_key[3] = e_key[6] = e_key[7] = 0;
switch((key_len + 63) / 64)
{
case 4: e_key[3] = in_key[6]; e_key[7] = in_key[7];
case 3: e_key[2] = in_key[4]; e_key[6] = in_key[5];
case 2: e_key[0] = in_key[0]; e_key[4] = in_key[1];
e_key[1] = in_key[2]; e_key[5] = in_key[3];
}
tmp[0] = pi(e_key, 0, 1, 2, 3) ^ kp[0];
tmp[1] = pi(e_key, 1, 2, 3, 0) ^ kp[1];
tmp[2] = pi(e_key, 2, 3, 0, 1) ^ kp[2];
tmp[3] = pi(e_key, 3, 0, 1, 2) ^ kp[3];
gamma_tau(e_key[0], tmp, 0, 0, 1);
gamma_tau(e_key[1], tmp, 1, 1, 0);
gamma_tau(e_key[2], tmp, 2, 0, 1);
gamma_tau(e_key[3], tmp, 3, 1, 0);
tmp[0] = pi(e_key + 4, 1, 2, 3, 0) ^ kq[0];
tmp[1] = pi(e_key + 4, 2, 3, 0, 1) ^ kq[1];
tmp[2] = pi(e_key + 4, 3, 0, 1, 2) ^ kq[2];
tmp[3] = pi(e_key + 4, 0, 1, 2, 3) ^ kq[3];
gamma_tau(e_key[4], tmp, 0, 1, 0);
gamma_tau(e_key[5], tmp, 1, 0, 1);
gamma_tau(e_key[6], tmp, 2, 1, 0);
gamma_tau(e_key[7], tmp, 3, 0, 1);
t0 = e_key[0] ^ e_key[1] ^ e_key[2] ^ e_key[3];
t1 = e_key[4] ^ e_key[5] ^ e_key[6] ^ e_key[7];
e_key[0] ^= t1; e_key[1] ^= t1;
e_key[2] ^= t1; e_key[3] ^= t1;
e_key[4] ^= t0; e_key[5] ^= t0;
e_key[6] ^= t0; e_key[7] ^= t0;
rc = 0x01010101;
h0_block( 0, 8, 16); h1_block(1, 16, 24); rc <<= 1;
h1_block( 2, 24, 8); h0_block(3, 8, 16); rc <<= 1;
h0_block( 4, 16, 24); h1_block(5, 24, 8); rc <<= 1;
h1_block( 6, 8, 16); h0_block(7, 16, 24); rc <<= 1;
h0_block( 8, 24, 8); h1_block(9, 8, 16); rc <<= 1;
h1_block(10, 16, 24);
for(i = 0; i < 13; ++i)
{
if(i & 1)
{
phi0(e_key + 4 * i, d_key + 48 - 4 * i);
}
else
{
phi1(e_key + 4 * i, d_key + 48 - 4 * i);
}
}
phi1(e_key + 48, e_key + 48);
phi1(d_key + 48, d_key + 48);
return l_key;
};
/* encrypt a block of text */
#define fr0(i,k) \
b1[i] = s_tab[ (i) ][byte(b0[0],i)] ^ \
s_tab[((i) + 1) & 3][byte(b0[1],i)] ^ \
s_tab[((i) + 2) & 3][byte(b0[2],i)] ^ \
s_tab[((i) + 3) & 3][byte(b0[3],i)] ^ (k)
#define fr1(i,k) \
b0[i] = s_tab[((i) + 1) & 3][byte(b1[0],i)] ^ \
s_tab[((i) + 2) & 3][byte(b1[1],i)] ^ \
s_tab[((i) + 3) & 3][byte(b1[2],i)] ^ \
s_tab[(i) ][byte(b1[3],i)] ^ (k)
#define f0_rnd(kp) \
fr0(0,(kp)[0]); fr0(1,(kp)[1]); \
fr0(2,(kp)[2]); fr0(3,(kp)[3])
#define f1_rnd(kp) \
fr1(0,(kp)[0]); fr1(1,(kp)[1]); \
fr1(2,(kp)[2]); fr1(3,(kp)[3])
void encrypt(const u4byte in_blk[4], u4byte out_blk[4])
{ u4byte b0[4], b1[4];
b0[0] = in_blk[0] ^ e_key[0];
b0[1] = in_blk[1] ^ e_key[1];
b0[2] = in_blk[2] ^ e_key[2];
b0[3] = in_blk[3] ^ e_key[3];
f0_rnd(e_key + 4); f1_rnd(e_key + 8);
f0_rnd(e_key + 12); f1_rnd(e_key + 16);
f0_rnd(e_key + 20); f1_rnd(e_key + 24);
f0_rnd(e_key + 28); f1_rnd(e_key + 32);
f0_rnd(e_key + 36); f1_rnd(e_key + 40);
f0_rnd(e_key + 44);
gamma_tau(b0[0], b1, 0, 1, 0);
gamma_tau(b0[1], b1, 1, 0, 1);
gamma_tau(b0[2], b1, 2, 1, 0);
gamma_tau(b0[3], b1, 3, 0, 1);
out_blk[0] = b0[0] ^ e_key[48];
out_blk[1] = b0[1] ^ e_key[49];
out_blk[2] = b0[2] ^ e_key[50];
out_blk[3] = b0[3] ^ e_key[51];
};
/* decrypt a block of text */
void decrypt(const u4byte in_blk[4], u4byte out_blk[4])
{ u4byte b0[4], b1[4];
b0[0] = in_blk[0] ^ d_key[0];
b0[1] = in_blk[1] ^ d_key[1];
b0[2] = in_blk[2] ^ d_key[2];
b0[3] = in_blk[3] ^ d_key[3];
f0_rnd(d_key + 4); f1_rnd(d_key + 8);
f0_rnd(d_key + 12); f1_rnd(d_key + 16);
f0_rnd(d_key + 20); f1_rnd(d_key + 24);
f0_rnd(d_key + 28); f1_rnd(d_key + 32);
f0_rnd(d_key + 36); f1_rnd(d_key + 40);
f0_rnd(d_key + 44);
gamma_tau(b0[0], b1, 0, 1, 0);
gamma_tau(b0[1], b1, 1, 0, 1);
gamma_tau(b0[2], b1, 2, 1, 0);
gamma_tau(b0[3], b1, 3, 0, 1);
out_blk[0] = b0[0] ^ d_key[48];
out_blk[1] = b0[1] ^ d_key[49];
out_blk[2] = b0[2] ^ d_key[50];
out_blk[3] = b0[3] ^ d_key[51];
}
<STD_DEFS.H>
/* 1. Standard types for AES cryptography source code */
typedef unsigned char u1byte; /* an 8 bit unsigned character type */
typedef unsigned short u2byte; /* a 16 bit unsigned integer type */
typedef unsigned long u4byte; /* a 32 bit unsigned integer type */
typedef signed char s1byte; /* an 8 bit signed character type */
typedef signed short s2byte; /* a 16 bit signed integer type */
typedef signed long s4byte; /* a 32 bit signed integer type */
/* 2. Standard interface for AES cryptographic routines */
/* These are all based on 32 bit unsigned values and will therefore */
/* require endian conversions for big-endian architectures */
#ifdef __cplusplus
extern "C"
{
#endif
char **cipher_name(void);
u4byte *set_key(const u4byte in_key[], const u4byte key_len);
void encrypt(const u4byte in_blk[4], u4byte out_blk[4]);
void decrypt(const u4byte in_blk[4], u4byte out_blk[4]);
#ifdef __cplusplus
};
#endif
/* 3. Basic macros for speeding up generic operations */
/* Circular rotate of 32 bit values */
#ifdef _MSC_VER
# include <stdlib.h>
# pragma intrinsic(_lrotr,_lrotl)
# define rotr(x,n) _lrotr(x,n)
# define rotl(x,n) _lrotl(x,n)
#else
#define rotr(x,n) (((x) >> ((int)(n))) | ((x) << (32 - (int)(n))))
#define rotl(x,n) (((x) << ((int)(n))) | ((x) >> (32 - (int)(n))))
#endif
/* Invert byte order in a 32 bit variable */
#define bswap(x) (rotl(x, 8) & 0x00ff00ff | rotr(x, 8) & 0xff00ff00)
/* Extract byte from a 32 bit quantity (little endian notation) */
#define byte(x,n) ((u1byte)((x) >> (8 * n)))
/* For inverting byte order in input/output 32 bit words if needed */
#ifdef BLOCK_SWAP
#define BYTE_SWAP
#define WORD_SWAP
#endif
#ifdef BYTE_SWAP
#define io_swap(x) bswap(x)
#else
#define io_swap(x) (x)
#endif
/* For inverting the byte order of input/output blocks if needed */
#ifdef WORD_SWAP
#define get_block(x) \
((u4byte*)(x))[0] = io_swap(in_blk[3]); \
((u4byte*)(x))[1] = io_swap(in_blk[2]); \
((u4byte*)(x))[2] = io_swap(in_blk[1]); \
((u4byte*)(x))[3] = io_swap(in_blk[0])
#define put_block(x) \
out_blk[3] = io_swap(((u4byte*)(x))[0]); \
out_blk[2] = io_swap(((u4byte*)(x))[1]); \
out_blk[1] = io_swap(((u4byte*)(x))[2]); \
out_blk[0] = io_swap(((u4byte*)(x))[3])
#define get_key(x,len) \
((u4byte*)(x))[4] = ((u4byte*)(x))[5] = \
((u4byte*)(x))[6] = ((u4byte*)(x))[7] = 0; \
switch((((len) + 63) / 64)) { \
case 2: \
((u4byte*)(x))[0] = io_swap(in_key[3]); \
((u4byte*)(x))[1] = io_swap(in_key[2]); \
((u4byte*)(x))[2] = io_swap(in_key[1]); \
((u4byte*)(x))[3] = io_swap(in_key[0]); \
break; \
case 3: \
((u4byte*)(x))[0] = io_swap(in_key[5]); \
((u4byte*)(x))[1] = io_swap(in_key[4]); \
((u4byte*)(x))[2] = io_swap(in_key[3]); \
((u4byte*)(x))[3] = io_swap(in_key[2]); \
((u4byte*)(x))[4] = io_swap(in_key[1]); \
((u4byte*)(x))[5] = io_swap(in_key[0]); \
break; \
case 4: \
((u4byte*)(x))[0] = io_swap(in_key[7]); \
((u4byte*)(x))[1] = io_swap(in_key[6]); \
((u4byte*)(x))[2] = io_swap(in_key[5]); \
((u4byte*)(x))[3] = io_swap(in_key[4]); \
((u4byte*)(x))[4] = io_swap(in_key[3]); \
((u4byte*)(x))[5] = io_swap(in_key[2]); \
((u4byte*)(x))[6] = io_swap(in_key[1]); \
((u4byte*)(x))[7] = io_swap(in_key[0]); \
}
#else
#define get_block(x) \
((u4byte*)(x))[0] = io_swap(in_blk[0]); \
((u4byte*)(x))[1] = io_swap(in_blk[1]); \
((u4byte*)(x))[2] = io_swap(in_blk[2]); \
((u4byte*)(x))[3] = io_swap(in_blk[3])
#define put_block(x) \
out_blk[0] = io_swap(((u4byte*)(x))[0]); \
out_blk[1] = io_swap(((u4byte*)(x))[1]); \
out_blk[2] = io_swap(((u4byte*)(x))[2]); \
out_blk[3] = io_swap(((u4byte*)(x))[3])
#define get_key(x,len) \
((u4byte*)(x))[4] = ((u4byte*)(x))[5] = \
((u4byte*)(x))[6] = ((u4byte*)(x))[7] = 0; \
switch((((len) + 63) / 64)) { \
case 4: \
((u4byte*)(x))[6] = io_swap(in_key[6]); \
((u4byte*)(x))[7] = io_swap(in_key[7]); \
case 3: \
((u4byte*)(x))[4] = io_swap(in_key[4]); \
((u4byte*)(x))[5] = io_swap(in_key[5]); \
case 2: \
((u4byte*)(x))[0] = io_swap(in_key[0]); \
((u4byte*)(x))[1] = io_swap(in_key[1]); \
((u4byte*)(x))[2] = io_swap(in_key[2]); \
((u4byte*)(x))[3] = io_swap(in_key[3]); \
}
#endif
#define beg /*
#define en */
<TACK.H>
#ifndef ATACH.H_H #define ATACH.H_H
#define ENCRYPT 0 #define DECRYPT 1
include "StdAfx.h" #include "Resource.h" include "winaesDlg.h"
define ROTL(x) ( ( (x) "7) | ( (x) "1) )
define R0TL8 (x) ( ( (x) "8) | ( (x) "24) ) define R0TL16(x) ( ( (x) "16) I ( (x) "16) ) define ROTL24 (x) ( ( (x) "24) | ( (x) "8) )
int KeyExpansion(CWinaesDlg* dig, int nb,int nk, BYTE* key); void Encrypt(CWinaesDlg* dig, BYTE* buff, BYTE* result); void InvDecrypt(CWinaesDlg* dig, BYTE* buff, BYTE* result); void EquDecrypt(CWinaesDlg* dig, BYTE* buff, BYTE* result);
int blockEncrypt(CWinaesDlg* dig, BYTE *input, int inputLen, BYTE* result, int cipher_mode); int blockDecrypt(CWinaesDlg* dig, BYTE *input, int inputLen, BYTE* result, int decrypt_mode, int cipher_mode);
endif
ATACH.H.CPP
include <stdio.h> include <stdlib.h> include "Rijndael.h" include "service.h"
define BPOLY (BYTE) Oxllb define MPOLY (BYTE) 0x101
BYTE Co[4]={0x3,0xl,0xl,0x2};
BYTE InvCo[4]={0xB,0xD,0x9,0xE};
int N, Nk, Nb, Nr;
DWORD fkey[120];
DWORD ikey[120]; // inverse key
DWORD ekey[120]; // equivalent key
BYTE subbytes[256] ; BYTE invsubbytes[256] ;
BYTE shfts[3][4];
static char strTmp[260], Tmp[260]; static DWORD s[8];
void ResetShifts() {
for (int i=0; i<3; i++)
for (int j=0; j<4; j++)
if (i==2 && j==3) shfts[i][j]=4; else shfts[i][j]=j;
void shiftrow(BYTE* row, int n, int direct)
BYTE t; int j ;
if (n)
for (int i=0; i<n; i++) switch (direct)
case ENCRYPT:
t=row[0];
for (j=l; j<Nb; j++) row[j-l]=row[j] ; row [Nb-1 Inbreak;
case DECRYPT:
t=row[Nb-l];
for (j = Nb-1; j>0; j--) row[j]=row[j-1] ,
row[0]=t;
break;
void ShifRows(BYTE* s, int direct)
BYTE temp[8]; int i, j;
for (i=0;i<4;i++)
for (j=0;j<Nb;j++) temp[j]=s[j*4+i];
shiftrow( temp, shfts[Nb/2-2][i], direct),
for (j=0;j<Nb;j++) s[j*4+i]=temp[j]; }
static DWORD pack(BYTE *b)
{
return ( (DWORD)b[3]"24) | ( (DWORD)b [2] "16) | ( (DWORD) b [1 ] "8) | (DWORD)b[0],
static void unpack(DWORD a,BYTE *b) {
b[0] = (BYTE)a;
b[l] = (BYTE) (a"8) ;
b[2] = (BYTE) (a"16) ;
b[3] = (BYTE) (a"24) ; }
static BYTE xtime(BYTE a, BYTE mod) {
return ( ( a & 0x80) ? a"lAmod
static BYTE add (BYTE a, BYTE b) {return ;}
static BYTE bmul(BYTE a,BYTE b, BYTE mod) {
BYTE t,s, u;
u=b; t=a; s=0;
while (u) {
if(u & 1) =;
u"=l ;
t=xtime(t, mod);
return (s); }
static BYTE square(BYTE a, BYTE mod) {
return (bmul(a,a, mod)); }
static BYTE product(DWORD x,DWORD y, BYTE mod) {
BYTE xb [ 4 ] , yb [ 4 ] ;
unpack(x,xb);
unpack(y,yb);
return bmul(xb[0],yb[0], mod)1(xb[1],yb[1], mod)1(xb[2],yb[2], mod)1(xb[3],yb[3], mod) ; }
static BYTE finv(const BYTE x, BYTE mod) {
BYTE result = x;
for (int i=l; i<7; i++) result = bmul(square(result , mod), x, mod);
return square(result, mod); }
BYTE SBinvModulo; BYTE SBmulModulo; BYTE SBmulConstl; BYTE SBmulConst2; BYTE SBaddConstl; BYTE SBaddConst2;
static BYTE ByteSubOLD(BYTE x) BYTE result=x;
result = finv( result , SBinvModulo);
result = bmul( SBmulConstl, result, SBmulModulo);
result = add( result, SBaddConstl);
return result; }
static BYTE InvByteSubOLD(BYTE x) BYTE result=x;
result = bmul( SBmulConst2, result, SBmulModulo); result = add(result, SBaddConst2); result = finv( result, SBinvModulo); return result;
void FillTables(int mode)
for (int i=0; i<256;
if (mode & 1) subbytes[i]= ByteSubOLD(i);
if (mode & 2) invsubbytes[i]= InvByteSubOLD(i)
void ResetTables()
Encrypt(dig, iv, block);
for (1 = k; (1 < (k + OFB_bits)) && (1 < (Nb"5) ) ; 1++) {
result[1 " 3] = (block[0] & 0x80U) " (1 & 7);
for (j = 0; j < (Nb"2)-1; j++) {
iv[j] = <iv[j] " 1) | (iv[j + 1] " 7);
block[j] = (block[j] " 1) | (block[j + 17);
1] " 1) | ((block[0] & 0x80U) " 7 );
} }
if (OFB_Debug) {
CharStr2HexStr((BYTE*)input, Tmp, Nb*4); sprintf(strTmp," in[%04u]=%s", i, Tmp); dlg->m_eDebug.AddString(strTmp);
CharStr2HexStr((BYTE*)result, Tmp, Nb*4); sprintf(strTmp,"out[%04u]=%s", i, Tmp); dlg->m_eDebug.AddString(strTmp); }
result += Nb"2;
input += Nb"2; }
free(iv); break;
case MODE_CTR:
iv = (BYTE*) malloc(Nb"2) ; memcpy(iv, cipher_IV, Nb"2);
for (i = 1; i <= numBlocks; i++) {
if (CTR_Debug) {
//CharStr2HexStr((BYTE*)s, Tmp, Nb*4);
sprintf(strTmp,"= CTR AES Nb=%u Nk=%u, block %04u encrypt ======================", Nb, Nk, i);
dlg->m_eDebug.AddString(strTmp);
CharStr2HexStr((BYTE*)iv, Tmp, Nb*4); sprintf(strTmp," IV[%04u]=%s", i, Tmp); dlg->m_eDebug.AddString(strTmp); }
Encrypt(dig, iv, result);
for (j=0; j < Nb; j++) ((DWORD*)result)[j] = ((DWORD*)input)[j];
increase_counter ( iv, Nb"2);
if (CTR_Debug) {
CharStr2HexStr((BYTE*)input, Tmp, Nb*4);
sprintf(strTmp," in[%04u]=%s", i, Tmp);
dlg->m_eDebug.AddString(strTmp);
CharStr2HexStr((BYTE*)result, Tmp, Nb*4); sprintf(strTmp,"out[%04u]=%s", i, Tmp); dlg->m_eDebug.AddString(strTmp); }
input += Nb"2; result += Nb"2; }
free(iv); break; default:
return BAD_CIPHER_STATE; }
return 128*numBlocks;
, XX , XXI .
Copyright (c) 2024 Stud-Baza.ru , , , .