By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
443,889 Members | 1,297 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 443,889 IT Pros & Developers. It's quick & easy.

I need Tripple DES encryption algorithm in C

P: n/a
Hello C

I have a project that requires a calculated "key" to be used in a security
access application. The customer supplies a secret 8 byte number that gets
combined with the serial number of the access card to provide a unique
access key for that card.

They've specified that the encryption method (called "diversification") is
something called Tripple DES. I'm not a crypto weenie, just a software guy.
My research on this has led me to block diagrams of the process but no code
examples on how to impliment Tripple DES.

Does anybody know of public domain code for Tripple DES in C?

Thanks
Mar 23 '07 #1
Share this Question
Share on Google+
3 Replies


P: n/a
On 23 Mar, 11:33, "Dave Cullen" <nos...@mail.comwrote:
>
They've specified that the encryption method (called "diversification") is
something called Tripple DES. I'm not a crypto weenie, just a software guy.
My research on this has led me to block diagrams of the process but no code
examples on how to impliment Tripple DES.

Does anybody know of public domain code for Tripple DES in C?
The correct place for this would be sci.crypt, but here's the basics.

The underlying encryption algorithm is called "DES", or "Data
Encryption Standard" - see http://en.wikipedia.org/wiki/Data_Encryption_Standard.

Triple DES is simply DES applied three times - see http://en.wikipedia.org/wiki/Triple_DES.

You need three keys; the normal way of doing 3DES is:

C = E(K3, D(K2, E(K1, P)))

which means encrypt the plaintext using key 1, then decrypt the result
using key 2, then encrypt the result of that using key 3

The main reason for the middle step being a decryption, by the way, is
that if you used the same key for K1, K2, and K3, the result would be
identical to normal single DES encryption, which makes it a doddle to
implement both in the same hardware.

The usually accepted method for obtaining the keys is to hash the
passphrase (or in your case the generated access key) using the
algorithm specified in RFC2898 (see http://tools.ietf.org/html/rfc2898).

To be perfectly honest, if the data you are protecting is important or
valuable, you _really_ should get someone experienced in cryptography
to do this stuff for you; it can be extraordinarily difficult to do
crypto correctly and securely. And if the data is not that important
or valuable, why on earth are you using 3DES?!

Best of luck :)

Mar 23 '07 #2

P: n/a
On Mar 23, 12:33 pm, "Dave Cullen" <nos...@mail.comwrote:
Hello C
Hello,
Does anybody know of public domain code for Tripple DES in C?
The OpenSSL library supports that!
>
Thanks

Mar 23 '07 #3

P: n/a
Dave Cullen wrote:
Hello C

I have a project that requires a calculated "key" to be used in a security
access application. The customer supplies a secret 8 byte number that gets
combined with the serial number of the access card to provide a unique
access key for that card.

They've specified that the encryption method (called "diversification") is
something called Tripple DES. I'm not a crypto weenie, just a software guy.
My research on this has led me to block diagrams of the process but no code
examples on how to impliment Tripple DES.

Does anybody know of public domain code for Tripple DES in C?
For starters, get a crypto book (include lot of C code):

http://www.schneier.com/book-applied.html

"just a software guy" is hardly the right person to implement this. If
you have DES source code, it's trivial to implement 3DES.

The point about key diversification, is that the whole system will not
be broken if a card/token is cracked.

--
Tor
Mar 28 '07 #4

This discussion thread is closed

Replies have been disabled for this discussion.