Система криптозащиты в стандарте DES. Система взаимодействия периферийных устройств

Return to the FIPS

Home Page

FIPS PUB 46-2

Supersedes FIPS PUB 46-1

1988 January 22

Federal Information

Processing Standards Publication 46-2

1993 December 30

Announcing the Standard for

DATA ENCRYPTION STANDARD (DES)

(The Foreword, Abstract, and Key Words

can be found at the end of this document.)

Federal Information Processing Standards Publications (FIPS PUBS) are issued by

the National Bureau of Standards in accordance with section 111 (f) (2) of the

Federal Property and Administrative Services Act of 1949, as amended, Public Law

89-306 (79 Stat 1127), Executive Order 11717 (38 FR 12315, dated May 11, 1973),

and Part 6 of Title 15 Code of Federal Regulations.

1. Name of Standard. Data Encryption Standard (DES).

2. Category of Standard. Computer Security.

3. Explanation. The Data Encryption Standard (DES) specifies a FIPS approved

cryptographic algorithm as required by FIPS 140-1. This publication provides a

complete description of a mathematical algorithm for encrypting (enciphering)

and decrypting (deciphering) binary coded information. Encrypting data converts

it to an unintelligible form called cipher. Decrypting cipher converts the data

back to its original form called plaintext. The algorithm described in this

standard specifies both enciphering and deciphering operations which are based

on a binary number called a key.

A key consists of 64 binary digits ("O"s or "1"s) of which 56 bits are randomly

generated and used directly by the algorithm. The other 8 bits, which are not

used by the algorithm, are used for error detection. The 8 error detecting bits

are set to make the parity of each 8-bit byte of the key odd, i.e., there is an

odd number of "1"s in each 8-bit byte1. Authorized users of encrypted computer

data must have the key that was used to encipher the data in order to decrypt

it. The encryption algorithm specified in this standard is commonly known among

those using the standard. The unique key chosen for use in a particular

application makes the results of encrypting data using the algorithm unique.

Selection of a different key causes the cipher that is produced for any given

set of inputs to be different. The cryptographic security of the data depends on

the security provided for the key used to encipher and decipher the data.

Data can be recovered from cipher only by using exactly the same key used to

encipher it. Unauthorized recipients of the cipher who know the algorithm but do

not have the correct key cannot derive the original data algorithmically.

However, anyone who does have the key and the algorithm can easily decipher the

cipher and obtain the original data. A standard algorithm based on a secure key

thus provides a basis for exchanging encrypted computer data by issuing the key

used to encipher it to those authorized to have the data.

Data that is considered sensitive by the responsible authority, data that has a

high value, or data that represents a high value should be cryptographically

protected if it is vulnerable to unauthorized disclosure or undetected

modification during transmission or while in storage. A risk analysis should be

performed under the direction of a responsible authority to determine potential

threats. The costs of providing cryptographic protection using this standard as

well as alternative methods of providing this protection and their respective

costs should be projected. A responsible authority then should make a decision,

based on these analyses, whether or not to use cryptographic protection and this

standard.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1 Sometimes keys are generated in an encrypted form. A random 64-bite number is

generated and defined to be the cipher formed by the encryption of a key using a

key encrypting key. In this case the parity bits of the encrypted key cannot be

set until after the key is decrypted.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

4. Approving Authority. Secretary of Commerce.

5. Maintenance Agency. U.S. Department of Commerce, National Institute of

Standards and Technology, Computer Systems Laboratory.

6. Applicability. This standard may be used by Federal departments and agencies

when the following conditions apply:

An authorized official or manager responsible for data security or the

security of any computer system decides that cryptographic protection is

required; and

2. The data is not classified according to the National Security Act of

1947, as amended, or the Atomic Energy Act of 1954, as amended.

Federal agencies or departments which use cryptographic devices for

protecting data classified according to either of these acts can use those

devices for protecting unclassified data in lieu of the standard.

Other FIPS approved cryptographic algorithms may be used in addition to, or

in lieu of, this standard when implemented in accordance with FIPS 140-1.

In addition, this standard may be adopted and used by non-Federal Government

organizations. Such use is encouraged when it provides the desired security

for commercial and private organizations.

7. Applications. Data encryption (cryptography) is utilized in various

applications and environments. The specific utilization of encryption and

the implementation of the DES will be based on many factors particular to

the computer system and its associated components. In general, cryptography

is used to protect data while it is being communicated between two points or

while it is stored in a medium vulnerable to physical theft. Communication

security provides protection to data by enciphering it at the transmitting

point and deciphering it at the receiving point. File security provides

protection to data by enciphering it when it is recorded on a storage medium

and deciphering it when it is read back from the storage medium. In the

first case, the key must be available at the transmitter and receiver

simultaneously during communication. In the second case, the key must be

maintained and accessible for the duration of the storage period. FIPS 171

provides approved methods for managing the keys used by the algorithm

specified in this standard.

8. Implementations. Cryptographic modules which implement this standard

shall conform to the requirements of FIPS 140-1. The algorithm specified in

this standard may be implemented in software, firmware, hardware, or any

combination thereof. The specific implementation may depend on several

factors such as the application, the environment, the technology used, etc.

Implementations which may comply with this standard include electronic

devices (e.g., VLSI chip packages), micro-processors using Read Only Memory

(ROM), Programmable Read Only Memory (PROM), or Electronically Erasable Read

Only Memory (EEROM), and mainframe computers using Random Access Memory

(RAM). When the algorithm is implemented in software or firmware, the

processor on which the algorithm runs must be specified as part of the

validation process. Implementations of the algorithm which are tested and

validated by NIST will be considered as complying with the standard. Note

that FIPS 140-1 places additional requirements on cryptographic modules for

Government use. Information about devices that have been validated and

procedures for testing and validating equipment for conformance with this

standard and FIPS 140-1 are available from the National Institute of

Standards and Technology, Computer Systems Laboratory, Gaithersburg, MD

20899.

9. Export Control. Cryptographic devices and technical data regarding them

are subject to Federal Government export controls as specified in Title 22,

Code of Federal Regulations, Parts 120 through 128. Some exports of

cryptographic modules implementing this standard and technical data

regarding them must comply with these Federal regulations and be licensed by

ДИПЛОМНЫЙ ПРОЕКТ

на тему

'Система криптозащиты в стандарте DES.

Система взаимодействия периферийных устройств'.

Защищен на 5 23.02.2001г. в Московском техническом университете

связи и информатики.

Кафедра многоканальной электросвязи.

Автор Рычков Александр Иванович

mail:r_aleks@permonline.ru

81C51.EXE- УПАКОВАННЫЙ СИМУЛЯТОР(ЗАПУСТИТЬ LSE.EXE,ЗАГРУЗИТЬ *.ASM,

НАЖАТЬ CTRL+F9, ВЫБРАТЬ ВЕРХНЮЮ СТРОКУ, ПОТОМ ВТОРУЮ И ЗАТЕМ SIM51,

ЗДЕСЬ F1-ПУСК,F9-F10 ШАГ ВПЕРЕД-НАЗАД...)