On 23 Mar, 11:33, "Dave Cullen" <nos...@mail.co mwrote:
>
They've specified that the encryption method (called "diversificatio n") is
something called Tripple DES. I'm not a crypto weenie, just a software guy.
My research on this has led me to block diagrams of the process but no code
examples on how to impliment Tripple DES.
Does anybody know of public domain code for Tripple DES in C?
The correct place for this would be sci.crypt, but here's the basics.
The underlying encryption algorithm is called "DES", or "Data
Encryption Standard" - see
http://en.wikipedia.org/wiki/Data_Encryption_Standard.
Triple DES is simply DES applied three times - see
http://en.wikipedia.org/wiki/Triple_DES.
You need three keys; the normal way of doing 3DES is:
C = E(K3, D(K2, E(K1, P)))
which means encrypt the plaintext using key 1, then decrypt the result
using key 2, then encrypt the result of that using key 3
The main reason for the middle step being a decryption, by the way, is
that if you used the same key for K1, K2, and K3, the result would be
identical to normal single DES encryption, which makes it a doddle to
implement both in the same hardware.
The usually accepted method for obtaining the keys is to hash the
passphrase (or in your case the generated access key) using the
algorithm specified in RFC2898 (see
http://tools.ietf.org/html/rfc2898).
To be perfectly honest, if the data you are protecting is important or
valuable, you _really_ should get someone experienced in cryptography
to do this stuff for you; it can be extraordinarily difficult to do
crypto correctly and securely. And if the data is not that important
or valuable, why on earth are you using 3DES?!
Best of luck :)
