DES演算法簡介
DES 演算法
DES演算法為密碼體制中的對稱密碼體制,又被稱為美國數據加密標準,是1972年美國IBM公司研製的對稱密碼體制加密演算法。明文按64位進行分組,密鑰長64位,密鑰事實上是56位參與DES運算(第8、16、24、32、40、48、56、64位是校驗位,使得每個密鑰都有奇數個1)分組後的明文組和56位的密鑰按位替代或交換的方法形成密文組的加密方法。
DES演算法具有極高安全性,除了用窮舉搜索法對DES演算法進行攻擊外,還沒有發現更有效的辦法。而56位長的密鑰的窮舉空間為2^56,這意味著如果一台計算機的速度是每一秒鐘檢測一百萬個密鑰,則它搜索完全部密鑰就需要將近2285年的時間,可見,這是難以實現的。然而,這並不等於說DES是不可破解的。而實際上,隨著硬體技術和Internet的發展,其破解的可能性越來越大,而且,所需要的時間越來越少。使用經過特殊設計的硬體並行處理要幾個小時。
為了克服DES密鑰空間小的缺陷,人們又提出了三重DES的變形方式。
Maven 依賴
工具類對於加密後使用Base64進行編碼,所以需要依賴Apache Commons Codec。
<dependency>
<groupId>commons-codec</groupId>
<artifactId>commons-codec</artifactId>
<version>1.9</version>
</dependency>
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>1.2.17</version>
</dependency>工具類實現
DESUtil提供了針對文本內容、位元組數組內容的加解密實現,DESUtil工具類可以直接複製使用,代碼如下:
package com.arhorchin.securitit.enordecryption.des;
import java.security.Key;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.DESKeySpec;
import javax.crypto.spec.IvParameterSpec;
import org.apache.commons.codec.binary.Base64;
import org.apache.log4j.Logger;
/**
* @author Securitit.
* @note DES加密演算法實現.
*/
public class DESUtil {
/**
* logger.
*/
private static Logger logger = Logger.getLogger(DESUtil.class);
/**
* 數據編碼.
*/
private static final String CHARSET_UTF8 = "UTF-8";
/**
* 演算法編號.
*/
public static final String DES_NAME = "DES";
/**
* CBC模式串.
*/
public static final String DES_NAME_ECB = "DES/CBC/PKCS5Padding";
/**
* 初始向量.
*/
public static final byte[] DES_KEY_IV = { 1, 2, 3, 4, 5, 6, 7, 8 };
/**
* 根據密碼生成Key.要求:密碼長度是8的倍數.
* @param desKeyPwd 密碼字元串.
* @return DES密鑰.
* @throws Exception 可能異常.
*/
public static String generateDesKey(String desKeyPwd) throws Exception {
DESKeySpec desKeySpec = null;
SecretKeyFactory keyFactory = null;
byte[] keyBytes = null;
desKeySpec = new DESKeySpec(desKeyPwd.getBytes(CHARSET_UTF8));
keyFactory = SecretKeyFactory.getInstance(DES_NAME);
keyBytes = keyFactory.generateSecret(desKeySpec).getEncoded();
return Base64.encodeBase64String(keyBytes);
}
/**
* 對文本內容進行加密.
* @param plainText 待加密明文內容.
* @param desKey DES密鑰.
* @return 加密的密文.
*/
public static String encodeText(String plainText, String desKey) throws Exception {
byte[] desKeyBytes = null;
byte[] plainBytes = null;
byte[] cipherBytes = null;
try {
desKeyBytes = Base64.decodeBase64(desKey);
plainBytes = plainText.getBytes(CHARSET_UTF8);
cipherBytes = encodeByCbc(plainBytes, desKeyBytes, DES_KEY_IV);
return Base64.encodeBase64String(cipherBytes);
} catch (Exception ex) {
logger.error("DESUtil.encodeText.", ex);
return "";
}
}
/**
* 對文本密文進行解密.
* @param cipherText 待解密密文.
* @param desKey DES密鑰.
* @return 解密的明文.
*/
public static String decodeText(String cipherText, String desKey) throws Exception {
byte[] desKeyBytes = null;
byte[] cipherBytes = null;
byte[] plainBytes = null;
try {
desKeyBytes = Base64.decodeBase64(desKey);
cipherBytes = Base64.decodeBase64(cipherText);
plainBytes = decodeByCbc(cipherBytes, desKeyBytes, DES_KEY_IV);
return new String(plainBytes, CHARSET_UTF8);
} catch (Exception ex) {
logger.error("DESUtil.decodeText.", ex);
return "";
}
}
/**
* 對位元組數組內容進行加密.
* @param plainText 待加密明文內容.
* @param dseKey DES密鑰.
* @return 加密的密文.
*/
public static byte[] encodeBytes(byte[] plainBytes, String desKey) throws Exception {
byte[] desKeyBytes = null;
byte[] cipherBytes = null;
try {
desKeyBytes = Base64.decodeBase64(desKey);
cipherBytes = encodeByCbc(plainBytes, desKeyBytes, DES_KEY_IV);
return cipherBytes;
} catch (Exception ex) {
logger.error("DESUtil.encodeBytes.", ex);
return new byte[0];
}
}
/**
* 對位元組數組密文進行解密.
* @param cipherText 待解密密文.
* @param desKey DES密鑰.
* @return 解密的明文.
*/
public static byte[] decodeBytes(byte[] cipherBytes, String desKey) throws Exception {
byte[] desKeyBytes = null;
byte[] plainBytes = null;
try {
desKeyBytes = Base64.decodeBase64(desKey);
plainBytes = decodeByCbc(cipherBytes, desKeyBytes, DES_KEY_IV);
return plainBytes;
} catch (Exception ex) {
logger.error("DESUtil.decodeBytes.", ex);
return new byte[0];
}
}
/**
* DES演算法使用CBC模式進行加密.
* @param plainBytes 原文內容.
* @param desKey DES密鑰.
* @param keyIv DES初始向量.
* @return 加密後的內容.
* @throws Exception .
*/
public static byte[] encodeByCbc(byte[] plainBytes, byte[] desKey, byte[] keyIv) throws Exception {
Key deskey = null;
DESKeySpec desSpec = null;
SecretKeyFactory keyFactory = null;
Cipher cipher = null;
IvParameterSpec ivSpec = null;
byte[] cipherOut = null;
desSpec = new DESKeySpec(desKey);
keyFactory = SecretKeyFactory.getInstance(DES_NAME);
deskey = keyFactory.generateSecret(desSpec);
cipher = Cipher.getInstance(DES_NAME_ECB);
ivSpec = new IvParameterSpec(keyIv);
cipher.init(Cipher.ENCRYPT_MODE, deskey, ivSpec);
cipherOut = cipher.doFinal(plainBytes);
return cipherOut;
}
/**
* DES演算法使用CBC模式進行解密.
* @param plainBytes 密文內容.
* @param desKey DES密鑰.
* @param keyIv DES初始向量.
* @return 解密後的內容.
* @throws Exception .
*/
public static byte[] decodeByCbc(byte[] plainBytes, byte[] desKey, byte[] keyIv) throws Exception {
Key deskey = null;
DESKeySpec desSpec = null;
SecretKeyFactory keyFactory = null;
Cipher cipher = null;
IvParameterSpec ivSpec = null;
byte[] cipherOut = null;
desSpec = new DESKeySpec(desKey);
keyFactory = SecretKeyFactory.getInstance(DES_NAME);
deskey = keyFactory.generateSecret(desSpec);
cipher = Cipher.getInstance(DES_NAME_ECB);
ivSpec = new IvParameterSpec(keyIv);
cipher.init(Cipher.DECRYPT_MODE, deskey, ivSpec);
cipherOut = cipher.doFinal(plainBytes);
return cipherOut;
}
}工具類測試
package com.arhorchin.securitit.enordecryption.des;
import java.util.Arrays;
/**
* @author Securitit.
* @note DESUtil測試類.
*/
public class DESUtilTester {
public static void main(String[] args) throws Exception {
String desKeyPwd = "1234567887654321";
String desKey = null;
String plainText = "This is 一段明文內容!";
String cipherText = null;
System.out.println("----------------------- 獲取DES秘鑰 -------------------------");
desKey = DESUtil.generateDesKey(desKeyPwd);
System.out.println("秘鑰:" + desKey);
System.out.println();
// 文本加解密測試.
System.out.println("----------------------- 文本加解密測試 -------------------------");
System.out.println("明文:" + plainText);
cipherText = DESUtil.encodeText(plainText, desKey);
System.out.println("密文:" + cipherText);
plainText = DESUtil.decodeText(cipherText, desKey);
System.out.println("解密明文:" + plainText);
System.out.println();
System.out.println("----------------------- 位元組數組加解密測試 -------------------------");
byte[] plainBytes = plainText.getBytes("UTF-8");
byte[] cipherBytes = null;
System.out.println("明文:" + Arrays.toString(plainBytes));
cipherBytes = DESUtil.encodeBytes(plainBytes, desKey);
System.out.println("密文:" + Arrays.toString(cipherBytes));
plainBytes = DESUtil.decodeBytes(cipherBytes, desKey);
System.out.println("解密明文:" + Arrays.toString(plainBytes));
System.out.println();
}
}控制台輸出
查看Console中的控制台內容,明文和解密後明文對比,可以確認DESUtil可以正常工作,控制台如下圖:
----------------------- 獲取DES秘鑰 -------------------------
秘鑰:MTIyNDQ3Nzg=
----------------------- 文本加解密測試 -------------------------
明文:This is 一段明文內容!
密文:2guHzIWpad0klMjyRZERLW83acN0AM0F19NZ18NF214=
解密明文:This is 一段明文內容!
----------------------- 位元組數組加解密測試 -------------------------
明文:[84, 104, 105, 115, 32, 105, 115, 32, -28, -72, -128, -26, -82, -75, -26, -104, -114, -26, -106, -121, -27, -122, -123, -27, -82, -71, -17, -68, -127]
密文:[-38, 11, -121, -52, -123, -87, 105, -35, 36, -108, -56, -14, 69, -111, 17, 45, 111, 55, 105, -61, 116, 0, -51, 5, -41, -45, 89, -41, -61, 69, -37, 94]
解密明文:[84, 104, 105, 115, 32, 105, 115, 32, -28, -72, -128, -26, -82, -75, -26, -104, -114, -26, -106, -121, -27, -122, -123, -27, -82, -71, -17, -68, -127]總結
現代密碼學應用中,DES的身影已越來越少見,隨著硬體和互聯網的發展,DES在安全性方面的劣勢變得尤為明顯。在DES之後,逐漸出現了用於過渡的3DES以及新一代密碼演算法AES,3DES是為了使得DES更加難以破解,使用三次DES加解密疊加得到的密碼演算法。而AES是作為下一代對稱密碼學演算法,使用完全不同的演算法進行了實現。在實際應用中,可以根據個人所需,選擇合適的演算法進行應用。
原創文章,作者:投稿專員,如若轉載,請註明出處:https://www.506064.com/zh-tw/n/212801.html
微信掃一掃 
支付寶掃一掃 