Intel R Integrated Performance Primitives. Cryptography Guide. Andrzej Chrzȩszczyk Jakub Chrzȩszczyk

Similar documents
Advanced Encryption Standard and Modes of Operation. Foundations of Cryptography - AES pp. 1 / 50

Cryptography and Network Security

NIST Cryptographic Toolkit

Acronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector

Cryptography MIS

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

Data Encryption Standard (DES)

3 Symmetric Key Cryptography 3.1 Block Ciphers Symmetric key strength analysis Electronic Code Book Mode (ECB) Cipher Block Chaining Mode (CBC) Some

CSE 127: Computer Security Cryptography. Kirill Levchenko

ECE 646 Fall 2009 Final Exam December 15, Multiple-choice test

Advanced Crypto. 2. Public key, private key and key exchange. Author: Prof Bill Buchanan

Outline. Data Encryption Standard. Symmetric-Key Algorithms. Lecture 4

Analysis, demands, and properties of pseudorandom number generators

Introduction to Cryptographic Systems. Asst. Prof. Mihai Chiroiu

CRYPTOGRAPHY AND NETWROK SECURITY-QUESTION BANK

Symmetric, Asymmetric, and One Way Technologies

(a) Symmetric model (b) Cryptography (c) Cryptanalysis (d) Steganography

Network Security Essentials Chapter 2

CIS 4360 Secure Computer Systems Symmetric Cryptography

UNCLASSIFIED INFORMATION TECHNOLOGY SECURITY GUIDANCE

Stream Ciphers and Block Ciphers

Block Cipher Operation. CS 6313 Fall ASU

SUMMARY OF INFORMATION ON EACH COURSE

Crypto Library. Microchip Libraries for Applications (MLA) Copyright (c) 2012 Microchip Technology Inc. All rights reserved.

Study Guide to Mideterm Exam

Computer Security 3/23/18

Secret Key Cryptography

Encryption I. An Introduction

CHAPTER 6. SYMMETRIC CIPHERS C = E(K2, E(K1, P))

Modern Symmetric Block cipher

This chapter continues our overview of public-key cryptography systems (PKCSs), and begins with a description of one of the earliest and simplest

Encrypting and Decrypting using CTR and CBC Modes in C# with BouncyCastle

APNIC elearning: Cryptography Basics

ECE 646 Fall 2015 Term Project. Overview, comparison of open crypto libraries for application development. By Ravi Kota

KALASALINGAM UNIVERSITY

FIPS Non-Proprietary Security Policy. Level 1 Validation Version 1.2

Cryptographic Systems

Double-DES, Triple-DES & Modes of Operation

Sankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology. Question Bank

Public Key Algorithms

IEEE Std and IEEE Std 1363a Ashley Butterworth Apple Inc.

PGP: An Algorithmic Overview

Encrypt Data (QC3ENCDT, Qc3EncryptData) API

Understanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Lecture 1 Applied Cryptography (Part 1)

Jaap van Ginkel Security of Systems and Networks

BCA III Network security and Cryptography Examination-2016 Model Paper 1

Acronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector

Information Security CS526

Symmetric Cryptography. CS4264 Fall 2016

Symantec Corporation

Public Key Cryptography

Encryption 2. Tom Chothia Computer Security: Lecture 3

RSA BSAFE Crypto-C Micro Edition Security Policy

Computer Security: Principles and Practice

Week 5: Advanced Encryption Standard. Click

The question paper contains 40 multiple choice questions with four choices and students will have to pick the correct one (each carrying ½ marks.).

Chapter 6 Contemporary Symmetric Ciphers

FIPS Security Policy

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

T Cryptography and Data Security

EEC-484/584 Computer Networks

Route1 FIPS Cryptographic Module

Winter 2011 Josh Benaloh Brian LaMacchia

FPGA Implementation of High Speed AES Algorithm for Improving The System Computing Speed

The Application of Elliptic Curves Cryptography in Embedded Systems

Total No. of Questions : 09 ] [ Total No.of Pages : 02

Introduction to Modern Cryptography. Lecture 2. Symmetric Encryption: Stream & Block Ciphers

Glenda Whitbeck Global Computing Security Architect Spirit AeroSystems

TABLE OF CONTENTS CHAPTER NO. TITLE PAGE NO.

The Rectangle Attack

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

Block Cipher Modes of Operation

Introduction to Network Security Missouri S&T University CPE 5420 Data Encryption Standard

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng

borzoi Manual Dragongate Technologies Ltd.

Basics of Cryptography

CS6701- CRYPTOGRAPHY AND NETWORK SECURITY UNIT 2 NOTES

Part XII. From theory to practice in cryptography

Oracle Solaris Userland Cryptographic Framework Software Version 1.0 and 1.1

Computer Security CS 526

Cryptography in Lotus Notes/Domino Pragmatic Introduction for Administrators

The FastDES: A New Look of Data Encryption Standard

More on Cryptography CS 136 Computer Security Peter Reiher January 19, 2017

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

Content of this part

ENGI 8868/9877 Computer and Communications Security III. BLOCK CIPHERS. Symmetric Key Cryptography. insecure channel

Using block ciphers 1

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7

- 0 - CryptoLib: Cryptography in Software John B. Lacy 1 Donald P. Mitchell 2 William M. Schell 3 AT&T Bell Laboratories ABSTRACT

CRYPTOGRAPHY AND NETWORK SECURITY

Building Blocks of the Security and Management Engine

Jaap van Ginkel Security of Systems and Networks

Stream Ciphers and Block Ciphers

Oracle Solaris Kernel Cryptographic Framework Software Version 1.0 and 1.1

Network Security Essentials

Chapter 9. Public Key Cryptography, RSA And Key Management

The most important development from the work on public-key cryptography is the digital signature. Message authentication protects two parties who

Transcription:

Intel R Integrated Performance Primitives Cryptography Guide Andrzej Chrzȩszczyk Jakub Chrzȩszczyk November, 2010

Foreword The aim of this document is to make the first steps in using the IPP cryptography library easier. For this purpose we have prepared sample codes to almost all primitives described in the [MANUAL]. A general description of algorithms implemented in IPP cryptographic library may be found in several documents freely available in the Internet, so we have decided to restrict our bibliography to such positions. Since the best possible compilation method of IPP code depends on several factors, we usually propose the simplest compilation methods of our examples, we know. Unfortunately, with such an approach the good performance can be lost, so in few places (cf. for example page 215) we show how to obtain faster programs (we have access to the Linux version of IPP library only). The reader interested in optimal compilation is referred to an appropriate user guide in http://software.intel.com/en-us/articles/intelintegrated-performance-primitives-documentation/.

Contents Foreword............................... 1 I Private key cryptography 10 1 Block cipher modes of operation 11 2 DES 13 2.1 DES context preparation.................... 13 2.2 Using DES in ECB mode.................... 13 2.3 DES-ECB example....................... 14 2.4 Using DES in CBC mode.................... 15 2.5 DES-CBC example....................... 16 2.6 Using DES in CFB mode.................... 17 2.7 DES-CFB example....................... 17 2.8 Using DES in OFB mode.................... 18 2.9 DES-OFB example....................... 19 2.10 Using DES in CTR mode................... 20 2.11 DES-CTR example....................... 21 3 Triple DES 23 3.1 Using TDES in ECB mode................... 23 3.2 TDES-ECB example...................... 24 3.3 Using TDES in CBC mode................... 25 3.4 TDES-CBC example...................... 26 3.5 Using TDES in CFB mode................... 28 3.6 TDES-CFB example...................... 28 3.7 Using TDES in OFB mode................... 30 3.8 TDES-OFB example...................... 31 3.9 Using TDES in CTR mode................... 32

CONTENTS 3 3.10 TDES-CTR example...................... 33 4 Rijndael 35 4.1 Rijndael128 context preparation................ 35 4.2 Using Rijndael128 in ECB mode................ 36 4.3 Rijndael128-ECB example................... 37 4.4 Using Rijndael128 in CBC mode................ 38 4.5 Rijndael128-CBC example................... 39 4.6 Using Rijndael128 in CFB mode................ 40 4.7 Rijndael128-CFB example................... 41 4.8 Using Rijndael128 in OFB mode................ 42 4.9 Rijndael128-OFB example................... 43 4.10 Using Rijndael128 in CTR mode............... 45 4.11 Rijndael128-CTR example................... 45 4.12 Rijndael192 context preparation................ 47 4.13 Using Rijndael192 in ECB mode................ 47 4.14 Rijndael192-ECB example................... 48 4.15 Using Rijndael192 in CBC mode................ 49 4.16 Rijndael192-CBC example................... 50 4.17 Using Rijndael192 in CFB mode................ 51 4.18 Rijndael192-CFB example................... 51 4.19 Using Rijndael192 in OFB mode................ 53 4.20 Rijndael192-OFB example................... 53 4.21 Using Rijndael192 in CTR mode............... 55 4.22 Rijndael192-CTR example................... 55 4.23 Rijndael256 context preparation................ 57 4.24 Using Rijndael256 in ECB mode................ 57 4.25 Rijndael256-ECB example................... 58 4.26 Using Rijndael256 in CBC mode................ 59 4.27 Rijndael256-CBC example................... 60 4.28 Using Rijndael256 in CFB mode................ 61 4.29 Rijndael256-CFB example................... 62 4.30 Using Rijndael256 in OFB mode................ 63 4.31 Rijndael256-OFB example................... 64 4.32 Using Rijndael256 in CTR mode............... 65 4.33 Rijndael256-CTR example................... 66

CONTENTS 4 5 Blowfish 68 5.1 Blowfish context preparation.................. 68 5.2 Using Blowfish in ECB mode................. 68 5.3 Blowfish-ECB example..................... 69 5.4 Using Blowfish in CBC mode................. 70 5.5 Blowfish-CBC example..................... 71 5.6 Using Blowfish in CFB mode................. 72 5.7 Blowfish-CFB example..................... 73 5.8 Using Blowfish in OFB mode................. 74 5.9 Blowfish-OFB example..................... 75 5.10 Using Blowfish in CTR mode................. 76 5.11 Blowfish-CTR example..................... 76 6 Twofish 78 6.1 Twofish context preparation.................. 78 6.2 Using Twofish in ECB mode.................. 78 6.3 Twofish-ECB example..................... 79 6.4 Using Twofish in CBC mode.................. 80 6.5 Twofish-CBC example..................... 81 6.6 Using Twofish in CFB mode.................. 82 6.7 Twofish-CFB example..................... 83 6.8 Using Twofish in OFB mode.................. 84 6.9 Twofish-OFB example..................... 85 6.10 Using Twofish in CTR mode.................. 86 6.11 Twofish-CTR example..................... 87 7 ARCFive 89 7.1 ARCFive64 context preparation................ 89 7.2 Using ARCFive64 in ECB mode................ 89 7.3 ARCFive64-ECB example................... 90 7.4 Using ARCFive64 in CBC mode................ 91 7.5 ARCFive64-CBC example................... 92 7.6 Using ARCFive64 in CFB mode................ 93 7.7 ARCFive64-CFB example................... 94 7.8 Using ARCFive64 in OFB mode................ 95 7.9 ARCFive64-OFB example................... 95 7.10 Using ARCFive64 in CTR mode................ 97 7.11 ARCFive64-CTR example................... 97

CONTENTS 5 7.12 ARCFive128 context preparation............... 98 7.13 Using ARCFive128 in ECB mode............... 99 7.14 ARCFive128-ECB example................... 100 7.15 Using ARCFive128 in CBC mode............... 101 7.16 ARCFive128-CBC example................... 101 7.17 Using ARCFive128 in CFB mode............... 102 7.18 ARCFive128-CFB example................... 103 7.19 Using ARCFive128 in OFB mode............... 104 7.20 ARCFive128-OFB example................... 105 7.21 Using ARCFive128 in CTR mode............... 106 7.22 ARCFive128-CTR example.................. 107 8 ARCFour 109 8.1 ARCFour context preparation................. 109 8.2 Using ARCFour........................ 109 8.3 ARCFour example....................... 110 9 Hash functions for non-streaming messages 112 9.1 MD5MessageDigest....................... 112 9.2 SHA1MessageDigest...................... 113 9.3 SHA224MessageDigest..................... 114 9.4 SHA256MessageDigest..................... 115 9.5 SHA384MessageDigest..................... 116 9.6 SHA512MessageDigest..................... 117 10 Hash functions for streaming messages 119 10.1 MD5 context preparation.................... 119 10.2 Using MD5 primitives..................... 119 10.3 MD5 example.......................... 120 10.4 SHA1 context preparation................... 121 10.5 Using SHA1 primitives..................... 122 10.6 SHA1 example......................... 122 10.7 SHA224 context preparation.................. 124 10.8 Using SHA224 primitives.................... 124 10.9 SHA224 example........................ 125 10.10 SHA256 context preparation................. 126 10.11 Using SHA256 primitives................... 126 10.12 SHA256 example........................ 127 10.13 SHA384 context preparation................. 129

CONTENTS 6 10.14 Using SHA384 primitives................... 129 10.15 SHA384 example........................ 130 10.16 SHA512 context preparation................. 131 10.17 Using SHA512 primitives................... 131 10.18 SHA512 example........................ 132 11 Message authentication functions for non-streaming messages 134 11.1 HMACMD5MessageDigest................... 134 11.2 HMACSHA1MessageDigest.................. 135 11.3 HMACSHA224MessageDigest................. 136 11.4 HMACSHA256MessageDigest................. 138 11.5 HMACSHA384MessageDigest................. 139 11.6 HMACSHA512MessageDigest................. 140 11.7 CMACRijndael128MessageDigest............... 141 11.8 XCBCRijndael128MessageTag................. 142 12 Message authentication functions for streaming messages 145 12.1 HMACMD5 context preparation................ 145 12.2 Using HMACMD5 primitives................. 145 12.3 HMACMD5 example...................... 146 12.4 HMACSHA1 context preparation............... 147 12.5 Using HMACSHA1 primitives................. 148 12.6 HMACSHA1 example...................... 149 12.7 HMACSHA224 context preparation.............. 150 12.8 Using HMACSHA224 primitives................ 151 12.9 HMACSHA224 example.................... 151 12.10 HMACSHA256 context preparation............. 153 12.11 Using HMACSHA256 primitives............... 153 12.12 HMACSHA256 example.................... 154 12.13 HMACSHA384 context preparation............. 156 12.14 Using HMACSHA384 primitives............... 156 12.15 HMACSHA384 example.................... 157 12.16 HMACSHA512 context preparation............. 158 12.17 Using HMACSHA512 primitives............... 159 12.18 HMACSHA512 example.................... 159

CONTENTS 7 13 Data Authentication Functions 162 13.1 DAADESMessageDigest.................... 162 13.2 DAATDESMessageDigest................... 163 13.3 DAARijndael128MessageDigest................ 164 13.4 DAARijndael192MessageDigest................ 166 13.5 DAARijndael256MessageDigest................ 167 13.6 DAABlowfishMessageDigest.................. 168 13.7 DAATwofishMessageDigest................... 169 II Public key cryptography 171 14 Big Numbers in IPP 172 14.1 The notion of BigNum...................... 172 14.2 The BigNum setup........................ 173 14.3 Getting information from BigNum context........... 175 14.4 Typing BigNums......................... 179 14.5 BigNum comparison....................... 180 14.6 BigNum addition......................... 183 14.7 BigNum subtraction....................... 185 14.8 BigNum multiplication...................... 188 14.9 BigNum division......................... 193 14.10 Reduction modulo BigNum................... 195 14.11 Gcd for BigNums........................ 197 14.12 Inverse modulo BigNum.................... 198 14.13 The idea of Montgomery reduction.............. 200 14.14 Montgomery reduction in IPP................. 201 14.15 Pseudorandom generator set-up................ 206 14.16 Pseudorandom BigNum generation.............. 207 14.17 IPP prime number generator................. 209 14.18 Prime BigNum generation................... 210 15 RSA cryptosystem 213 15.1 Creating a new RSA context.................. 213 15.2 RSA encryption and decryption................ 217 15.3 RSA-OAEP encryption and decryption............ 220 15.4 RSA-SSA signature....................... 223

CONTENTS 8 16 Discrete logarithm problem based functions 226 16.1 Creating a new DLP context.................. 226 16.2 Setting the DLP parameters.................. 227 16.3 Retrieving the DLP parameters................ 227 16.4 DLP private and public keys.................. 228 16.5 DLP-DSA parameters generation and validation....... 229 16.6 DLP-DSA signature....................... 230 16.7 Diffie-Hellman key exchange.................. 233 17 Elliptic curve cryptography over prime finite field 237 17.1 Creating a new ECCP context................. 237 17.2 Standard elliptic curve setup.................. 238 17.3 Elliptic curve parameters.................... 239 17.4 Points on the elliptic curve.................. 242 17.5 Arithmetic of elliptic curves.................. 245 17.6 ECCP cryptosystem keys.................... 247 17.7 ECCP based digital signature................. 249 17.8 ECCP based Diffie-Hellman scheme.............. 255 18 Elliptic curve cryptography over binary finite field 259 18.1 Binary finite field GF(2 m ).................. 259 18.2 Creating a new ECCB context................. 260 18.3 Standard GF(2 m ) elliptic curve setup............. 261 18.4 Parameters of the elliptic curve over binary finite field.... 262 18.5 Points on the elliptic curve over binary field......... 266 18.6 Arithmetic of elliptic curves over binary finite fields..... 268 18.7 ECCB cryptosystem keys.................... 271 18.8 ECCB based digital signature................. 273 18.9 ECCB based Diffie-Hellman scheme.............. 276 19 Prime finite fields 280 19.1 Mathematical description of the Finite Field GF(p).... 280 19.2 The GF(p) context....................... 281 19.3 GF(p) elements......................... 283 19.4 GF(p) arithmetic........................ 286 20 Extension fields GF(p d ) 292 20.1 Mathematical description of GF(p d )............. 292 20.2 GF(p d ) context......................... 293

CONTENTS 9 20.3 GF(p d ) elements........................ 294 20.4 GF(p d ) arithmetic....................... 296 21 Elliptic curves over GF(p) 307 21.1 Creating a new GFPEC context................ 307 21.2 Points on the GF(p) based elliptic curve........... 309 21.3 Arithmetic of points on the GF(p) based elliptic curve... 311 22 Elliptic curves over GF(p d ) 325 22.1 Creating a new GFPXEC context............... 325 22.2 Points on the elliptic curve over GF(p d )........... 327 22.3 Arithmetic of points on the elliptic curve over GF(p d )... 329 A Auxiliary functions 336 A.1 toolb.h............................. 336 A.2 toolb.cpp............................ 337

Part I Private key cryptography

Chapter 1 Block cipher modes of operation A block cipher is a cryptosystem that divides a long plain text into smaller, fixed size strings called blocks and enciphers one block at a time. The size of blocks depends on the algorithm and can be for example: 64-bit for DES, TDES, Blowfish, RC5, 128-bit for Rijndael128, Twofish, 192-bit for Rijndael192, 256-bit for Rijndael256. In IPP we have at our disposal the following modes of operation on blocks. Electronic Code Book mode (ECB), Cipher Block Chaining mode (CBC), Cipher Feedback mode (CFB), Output Feedback mode (OFB), Counter mode (CTR). The detailed description of these modes can be found in [SP800-38A]. To clarify briefly how they work, let us assume that e k () is a function performing specific block cipher of block size b with key k. Let the plain text x 1,x 2,... be the sequence of blocks of length b and let y 1,y 2,... denote the corresponding cipher text blocks. In ECB mode the encryption and decryption is performed as follows:

12 ECB encryption: y i = e k (x i ), i = 1, 2,..., ECB decryption: x i = e 1 k (y i), i = 1, 2,... To make the encryption process non-deterministic one introduces an initial value IV, which is a nonce i.e a number used only once. Usually it is derived from a counter value that is known to both parties and is incremented every time a new session starts. Using IV and XOR operation one can summarize the two next modes. CBC encryption: y 1 = e k (x 1 IV ), y i = e k (x i y i 1 ), i 2, CBC decryption: x 1 = e 1 k (y 1) IV, x i = e 1 k (y i) y i 1, i 2. CFB encryption: y 1 = e k (IV ) x 1, y i = e k (y i 1 ) x i ), i 2, CFB decryption: x 1 = e k (IV ) y 1, x i = e k (y i 1 ) y i, i 2. In OFB mode a key stream s 1,s 2,... is generated in a block-wise fashion and next it is used in encryption and decryption. OFB encryption: s 1 = e k (IV ), y 1 = s 1 x 1, s i = e(s i 1 ), y i = s i x i, i 2, OFB decryption: s 1 = e k (IV ), x 1 = s 1 y 1, s i = e k (s i 1 ), x i = s i y i, i 2. In the CTR mode the additional input to the block cipher is a counter CTR i which assumes a different value every time the block cipher computes a new stream block. CTR encryption: y i = e k (IV CTR i ) x i, i 1, CTR decryption: x i = e k (IV CTR i ) y i, i 1. The symbol denotes the concatenation of strings.

Chapter 2 DES The Data Encryption Standard (DES) description can be found in the documents [FIPS46-3] and [SP800-67]. DES was the standard symmetric block cipher until 2002 when it was superseded by Advanced Encryption Standard (AES). It uses 64-bit blocks and 64-bit keys (effective key size is 56). 2.1 DES context preparation To start encrypting and decrypting with the help of DES we have to prepare an appropriate context. The function DESGetSize shows how much memory we need. IppStatus ippsdesgetsize(int* size)//output:des context size //in bytes Using the obtained value we can allocate a sufficient amount of memory. Next we can use a key and the function DESInit to initialize that context. IppStatus ippsdesinit(const Ipp8u* key, //input:key IppsDESSpec* DESctx) //output: //initialized DES context 2.2 Using DES in ECB mode To encrypt and decrypt we have to choose an appropriate operation mode. In ECB mode the encryption procedure can be performed with the use of DESEncryptECB.

2.3 DES-ECB example 14 IppStatus ippsdesencryptecb(const Ipp8u* plain, //input:plain //text Ipp8u* ciph, //output:cipher text int plainlen, //input:plain text length const IppsDESSpec* DESctx, //input:des //context IppsCPPadding padding) //input:padding In the decryption we can use DESDecryptECB. IppStatus ippsdesdecryptecb(const Ipp8u* ciph, //input:ciph. //text Ipp8u* decr, //output:decrypted text int ciphlen, //input:cipher text length const IppsDESSpec* DESctx, //input:des //context IppsCPPadding padding) //input:padding 2.3 DES-ECB example // DES ECB encryption/decryption // icpc -xhost -ipp=crypto 000DES0.cpp #include "ippcp.h" #include<iostream> using namespace std; int main(){ const int blksize = 8; // DES block size int ctxsize; // DES context size ippsdesgetsize(&ctxsize);// evaluating DES context size // allocate memory for DES context IppsDESSpec* ctx = (IppsDESSpec*)( new Ipp8u [ctxsize] ); // key array Ipp8u key[] = {0xa,0xb,0xc,0xd,0xe,0xf,0x1,0x2}; // DES context initialization ippsdesinit(key, ctx); // plain text array Ipp8u plain[]={"des Electronic Code Book mode of operation "};

2.4 Using DES in CBC mode 15 cout << "Plain text: "<< plain << endl; // cipher text array of size equal to multiple of blksize Ipp8u ciph[(sizeof(plain)+blksize-1) &~(blksize-1)]; // encrypting plain text ippsdesencryptecb(plain,ciph,sizeof(plain), ctx,ippscppaddingnone); Ipp8u deciph[sizeof(ciph)];// decrypted text array // decrypting cipher text ippsdesdecryptecb(ciph,deciph,sizeof(ciph), ctx,ippscppaddingnone); cout <<"Decrypted text: "<< deciph << endl; delete (Ipp8u*) ctx; return 0;} //Output: //Plain text: DES Electronic Code Book mode of operation //Decrypted text: DES Electronic Code Book mode of operation 2.4 Using DES in CBC mode In CBC mode an additional component the initial vector appears. The encryption procedure can be performed with the use of DESEncryptCBC. IppStatus ippsdesencryptcbc(const Ipp8u* plain, //input:plain //text Ipp8u* ciph, //output:cipher text int plainlen, //input:plain text length const IppsDESSpec* DESctx, //input:des //context const Ipp8u* iv, //input:initial vector IppsCPPadding padding) //input:padding In the decryption we can use DESDecryptCBC.

2.5 DES-CBC example 16 IppStatus ippsdesdecryptcbc(const Ipp8u* ciph, //input:ciph. //text Ipp8u* decr, //output:decrypted text int ciphlen, //input:cipher text length const IppsDESSpec* DESctx, //input:des //context const Ipp8u* iv, //input:initial vector IppsCPPadding padding) //input:padding 2.5 DES-CBC example // DES CBC encryption/decryption // icpc -xhost -ipp=crypto 000DES1.cpp #include "ippcp.h" #include<iostream> using namespace std; int main(){ const int blksize = 8; // DES block size int ctxsize; // DES context size ippsdesgetsize(&ctxsize); // evaluating DES context size // allocate memory for DES context IppsDESSpec* ctx = (IppsDESSpec*)( new Ipp8u [ctxsize] ); Ipp8u key[] = {0xa,0xb,0xc,0xd,0xe,0xf,0x1,0x2}; // key ippsdesinit(key, ctx); // DES context initialization // plain text Ipp8u plain[]={"des Cipher Block Chaining mode of operation "}; cout << "Plain text: "<< plain << endl; // cipher text array of size equal to multiple of blksize Ipp8u ciph[(sizeof(plain)+blksize-1) &~(blksize-1)]; // initial vector Ipp8u iv[blksize] = {0x77,0x66,0x55,0x44,0x33,0x22,0x11,0x00}; // encrypting plain text ippsdesencryptcbc(plain,ciph,sizeof(plain), ctx,iv,ippscppaddingnone); Ipp8u deciph[sizeof(ciph)]; // decrypting cipher text ippsdesdecryptcbc(ciph,deciph,sizeof(ciph), ctx,iv,ippscppaddingnone);

2.6 Using DES in CFB mode 17 cout <<"Decrypted text: "<< deciph << endl; delete (Ipp8u*) ctx; return 0;} //Output: //Plain text: DES Cipher Block Chaining mode of operation //Decrypted text: DES Cipher Block Chaining mode of operation 2.6 Using DES in CFB mode The encryption procedure can be performed with the use of DESEncryptCFB. IppStatus ippsdesencryptcfb(const Ipp8u* plain, //input:plain //text Ipp8u* ciph, //output:cipher text int plainlen, //input:plain text length int blksize, //input:block size const IppsDESSpec* DESctx, //input:des //context const Ipp8u* iv, //input:initial vector IppsCPPadding padding) //input:padding In the decryption we can use DESDecryptCFB. IppStatus ippsdesdecryptcfb(const Ipp8u* ciph, //input:ciph. //text Ipp8u* decr, //output:decrypted text int ciphlen, //input:cipher text length int blksize, //input:block size const IppsDESSpec* DESctx, //input:des //context const Ipp8u* iv, //input:initial vector IppsCPPadding padding) //input:padding 2.7 DES-CFB example // DES CFB encryption/decryption // icpc -xhost -ipp=crypto 000DES2.cpp

2.8 Using DES in OFB mode 18 #include "ippcp.h" #include<iostream> using namespace std; int main(){ const int blksize = 8; // DES block size int ctxsize; // DES context size ippsdesgetsize(&ctxsize); // evaluating DES context size // allocate memory for DES context IppsDESSpec* ctx = (IppsDESSpec*)( new Ipp8u [ctxsize] ); Ipp8u key[] = {0xa,0xb,0xc,0xd,0xe,0xf,0x1,0x2}; // key ippsdesinit(key, ctx); // DES context initialization // plain text Ipp8u plain[]={"des Cipher Feedback mode of operation "}; cout << "Plain text: "<< plain << endl; // cipher text array of size equal to multiple of blksize Ipp8u ciph[(sizeof(plain)+blksize-1) &~(blksize-1)]; // initial vector Ipp8u iv[blksize] = {0x77,0x66,0x55,0x44,0x33,0x22,0x11,0x00}; // encrypting plain text ippsdesencryptcfb(plain,ciph,sizeof(plain), blksize,ctx,iv,ippscppaddingnone); Ipp8u deciph[sizeof(ciph)]; // decrypting cipher text ippsdesdecryptcfb(ciph,deciph,sizeof(ciph), blksize,ctx,iv,ippscppaddingnone); cout <<"Decrypted text: "<< deciph << endl; delete (Ipp8u*) ctx; return 0;} //Output: //Plain text: DES Cipher Feedback mode of operation //Decrypted text: DES Cipher Feedback mode of operation 2.8 Using DES in OFB mode The encryption procedure can be performed with the use of DESEncryptOFB.

2.9 DES-OFB example 19 IppStatus ippsdesencryptofb(const Ipp8u* plain, //input:plain //text Ipp8u* ciph, //output:cipher text int plainlen, //input:plain text length int blksize, //input:block size const IppsDESSpec* DESctx, //input:des //context const Ipp8u* iv) //input:initial vector In the decryption we can use DESDecryptOFB. IppStatus ippsdesdecryptofb(const Ipp8u* ciph, //input:ciph. //text Ipp8u* decr, //output:decrypted text int ciphlen, //input:cipher text length int blksize, //input:block size const IppsDESSpec* DESctx, //input:des //context const Ipp8u* iv) //input:initial vector 2.9 DES-OFB example // DES OFB encryption/decryption // icpc -xhost -ipp=crypto 000DES3.cpp #include "ippcp.h" #include<cstring> #include<iostream> using namespace std; int main(){ const int blksize = 8; // DES block size int ctxsize; // DES context size ippsdesgetsize(&ctxsize); // evaluating DES context size // allocate memory for DES context IppsDESSpec* ctx = (IppsDESSpec*)( new Ipp8u [ctxsize] ); Ipp8u key[] = {0xa,0xb,0xc,0xd,0xe,0xf,0x1,0x2}; // key ippsdesinit(key, ctx); // DES context initialization

2.10 Using DES in CTR mode 20 // plain text Ipp8u plain[]={"des Output Feedback mode of operation "}; cout << "Plain text: "<< plain << endl; // cipher text array of size equal to multiple of blksize Ipp8u ciph[(sizeof(plain)+blksize-1) &~(blksize-1)]; // initial vector Ipp8u iv0[blksize] = {0x77,0x66,0x55,0x44,0x33,0x22,0x11,0x00}; Ipp8u iv[blksize]; memcpy(iv,iv0,sizeof(iv0)); // encrypting plain text ippsdesencryptofb(plain,ciph,sizeof(plain), blksize,ctx,iv0); Ipp8u deciph[sizeof(ciph)]; // decrypting cipher text ippsdesdecryptofb(ciph,deciph,sizeof(ciph), blksize,ctx,iv); cout <<"Decrypted text: "<< deciph << endl; delete (Ipp8u*) ctx; return 0;} //Output: //Plain text: DES Output Feedback mode of operation //Decrypted text: DES Output Feedback mode of operation 2.10 Using DES in CTR mode The encryption procedure can be performed with the use of DESEncryptCTR. IppStatus ippsdesencryptctr(const Ipp8u* plain, //input:plain //text Ipp8u* ciph, //output:cipher text int plainlen, //input:plain text length const IppsDESSpec* DESctx, //input:des //context Ipp8u* ctr, //input:counter int ctrnumbitsize) //input:counter size

2.11 DES-CTR example 21 In the decryption we can use DESDecryptCTR. IppStatus ippsdesdecryptctr(const Ipp8u* ciph, //input:ciph. //text Ipp8u* decr, //output:decrypted text int ciphlen, //input:cipher text length const IppsDESSpec* DESctx, //input:des //context Ipp8u* ctr, //input:counter int ctrnumbitsize) //input:counter size 2.11 DES-CTR example // DES CTR encryption/decryption // icpc -xhost -ipp=crypto 000DES4.cpp #include "ippcp.h" #include<cstring> #include<iostream> using namespace std; int main(){ const int blksize = 8; // DES block size int ctxsize; // DES context size ippsdesgetsize(&ctxsize); // evaluating DES context size // allocate memory for DES context IppsDESSpec* ctx = (IppsDESSpec*)( new Ipp8u [ctxsize] ); Ipp8u key[] = {0xa,0xb,0xc,0xd,0xe,0xf,0x1,0x2}; // key ippsdesinit(key, ctx); // DES context initialization // plain text Ipp8u plain[] = {"DES Counter mode of operation"}; cout << "Plain text: "<< plain << endl; // counter array Ipp8u ctr0[blksize] = {0xff,0xee,0xdd,0xcc,0xbb,0xaa,0x99,0x88}; Ipp8u ctr[blksize]; memcpy(ctr,ctr0,sizeof(ctr0)); int ctrnumbitsize = 64; // cipher text array

2.11 DES-CTR example 22 Ipp8u ciph[sizeof(plain)]; // encrypting plain text ippsdesencryptctr(plain,ciph,sizeof(plain), ctx,ctr,ctrnumbitsize); Ipp8u deciph[sizeof(ciph)]; memcpy(ctr, ctr0, sizeof(ctr0)); // decrypting cipher text ippsdesdecryptctr(ciph,deciph,sizeof(ciph), ctx,ctr,ctrnumbitsize); cout <<"Decrypted text: "<< deciph << endl; delete (Ipp8u*) ctx; return 0;} //Output: //Plain text: DES Counter mode of operation //Decrypted text: DES Counter mode of operation

Chapter 3 Triple DES In Triple DES three keys k 1,k 2,k 3 (to be more precise three sets of keys) are used. The general scheme can be summarized as follows: y = e k3 (e 1 k 2 (e k1 (x))), i.e. all blocks are encrypted using the first key, next decrypted with the second one and finally encrypted using the third one. More precise description can be found in [FIPS46-3] and [SP800-67]. 3.1 Using TDES in ECB mode To encrypt and decrypt we have to choose an appropriate operation mode. In ECB mode the encryption procedure can be performed with the use of TDESEncryptECB. IppStatus ippstdesencryptecb(const Ipp8u* plain, //input:plain //text Ipp8u* ciph, //output:cipher text int plainlen, //input:plain text length const IppsDESSpec* ctx0, //input:first //component of TDES context const IppsDESSpec* ctx1, //input:second //component of TDES context const IppsDESSpec* ctx2, //input:third //component of TDES context IppsCPPadding padding) //input:padding

3.2 TDES-ECB example 24 In the decryption we can use TDESDecryptECB. IppStatus ippstdesdecryptecb(const Ipp8u* ciph, //input:ciph. //text Ipp8u* decr, //output:decrypted text int ciphlen, //input:cipher text length const IppsDESSpec* ctx0, //input:first //component of TDES context const IppsDESSpec* ctx1, //input:second //component of TDES context const IppsDESSpec* ctx2, //input:third //component of TDES context IppsCPPadding padding) //input:padding 3.2 TDES-ECB example // TDES ECB encryption/decryption // icpc -xhost -ipp=crypto 000TDES0.cpp #include "ippcp.h" #include<iostream> using namespace std; int main(){ const int blksize = 8; // TDES block size int ctxsize; // TDES context size ippsdesgetsize(&ctxsize); // evaluating TDES context size // allocate memory for TDES context IppsDESSpec* ctx0 = (IppsDESSpec*)( new Ipp8u [ctxsize] ); IppsDESSpec* ctx1 = (IppsDESSpec*)( new Ipp8u [ctxsize] ); IppsDESSpec* ctx2 = (IppsDESSpec*)( new Ipp8u [ctxsize] ); Ipp8u key0[] = {0x01,0x2,0x3,0x4,0x5,0x6,0x7,0x8}; Ipp8u key1[] = {0x02,0x1,0x3,0x4,0x5,0x6,0x7,0x8}; Ipp8u key2[] = {0x05,0x2,0x3,0x4,0x5,0x6,0x7,0x8}; ippsdesinit(key0, ctx0); // TDES context initialization ippsdesinit(key1, ctx1); ippsdesinit(key2, ctx2); // plain text Ipp8u plain[]={"tdes Electronic Code Book mode of operation "}; cout << "Plain text: "<< plain << endl;

3.3 Using TDES in CBC mode 25 // cipher text array of size equal to multiple of blksize Ipp8u ciph[(sizeof(plain)+blksize-1) &~(blksize-1)]; // encrypting plain text ippstdesencryptecb(plain,ciph,sizeof(plain), ctx0,ctx1,ctx2,ippscppaddingnone); Ipp8u deciph[sizeof(ciph)]; // decrypting cipher text ippstdesdecryptecb(ciph,deciph,sizeof(ciph), ctx0,ctx1,ctx2,ippscppaddingnone); cout <<"Decrypted text: "<< deciph << endl; delete (Ipp8u*) ctx0; delete (Ipp8u*) ctx1; delete (Ipp8u*) ctx2; return 0;} //Output: //Plain text: TDES Electronic Code Book mode of operation //Decrypted text: TDES Electronic Code Book mode of operation 3.3 Using TDES in CBC mode In CBC mode the encryption procedure can be performed with the use of TDESEncryptCBC. IppStatus ippstdesencryptcbc(const Ipp8u* plain, //input:plain //text Ipp8u* ciph, //output:cipher text int plainlen, //input:plain text length const IppsDESSpec* ctx0, //input:first //component of TDES context const IppsDESSpec* ctx1, //input:second //component of TDES context const IppsDESSpec* ctx2, //input:third //component of TDES context const Ipp8u* iv, //input:initial vector IppsCPPadding padding) //input:padding In the decryption we can use TDESDecryptCBC.

3.4 TDES-CBC example 26 IppStatus ippstdesdecryptcbc(const Ipp8u* ciph, //input:ciph. //text Ipp8u* decr, //output:decrypted text int ciphlen, //input:cipher text length const IppsDESSpec* ctx0, //input:first //component of TDES context const IppsDESSpec* ctx1, //input:second //component of TDES context const IppsDESSpec* ctx2, //input:third //component of TDES context const Ipp8u* iv, //input:initial vector IppsCPPadding padding) //input:padding 3.4 TDES-CBC example // TDES CBC encryption/decryption // icpc -xhost -ipp=crypto 000TDES1.cpp #include "ippcp.h" #include<iostream> using namespace std; int main(){ const int blksize = 8; // TDES block size int ctxsize; // TDES context size ippsdesgetsize(&ctxsize); // evaluating TDES context size // allocate memory for TDES context IppsDESSpec* ctx0 = (IppsDESSpec*)( new Ipp8u [ctxsize] ); IppsDESSpec* ctx1 = (IppsDESSpec*)( new Ipp8u [ctxsize] ); IppsDESSpec* ctx2 = (IppsDESSpec*)( new Ipp8u [ctxsize] ); Ipp8u key0[] = {0x01,0x2,0x3,0x4,0x5,0x6,0x7,0x8}; Ipp8u key1[] = {0x02,0x1,0x3,0x4,0x5,0x6,0x7,0x8}; Ipp8u key2[] = {0x05,0x2,0x3,0x4,0x5,0x6,0x7,0x8}; ippsdesinit(key0, ctx0); // TDES context initialization ippsdesinit(key1, ctx1); ippsdesinit(key2, ctx2); // plain text Ipp8u plain[]={"tdes Cipher Block Chaining mode of operation "}; cout << "Plain text: "<< plain << endl;

3.4 TDES-CBC example 27 // cipher text array of size equal to multiple of blksize Ipp8u ciph[(sizeof(plain)+blksize-1) &~(blksize-1)]; // initial vector Ipp8u iv[blksize] = {0x77,0x66,0x55,0x44,0x33,0x22,0x11,0x00}; // encrypting plain text ippstdesencryptcbc(plain,ciph,sizeof(plain), ctx0,ctx1,ctx2,iv,ippscppaddingnone); Ipp8u deciph[sizeof(ciph)]; // decrypting cipher text ippstdesdecryptcbc(ciph,deciph,sizeof(ciph), ctx0,ctx1,ctx2,iv,ippscppaddingnone); cout <<"Decrypted text: "<< deciph << endl; delete (Ipp8u*) ctx0; delete (Ipp8u*) ctx1; delete (Ipp8u*) ctx2; return 0;} //Output: //Plain text: TDES Cipher Block Chaining mode of operation //Decrypted text: TDES Cipher Block Chaining mode of operation

3.5 Using TDES in CFB mode 28 3.5 Using TDES in CFB mode In CFB mode the encryption procedure can be performed with the use of TDESEncryptCFB. IppStatus ippstdesencryptcfb(const Ipp8u* plain, //input:plain //text Ipp8u* ciph, //output:cipher text int plainlen, //input:plain text length int blksize, //input:block size const IppsDESSpec* ctx0, //input:first //component of TDES context const IppsDESSpec* ctx1, //input:second //component of TDES context const IppsDESSpec* ctx2, //input:third //component of TDES context const Ipp8u* iv, //input:initial vector IppsCPPadding padding) //input:padding In the decryption we can use TDESDecryptCFB. IppStatus ippstdesdecryptcfb(const Ipp8u* ciph, //input:ciph. //text Ipp8u* decr, //output:decrypted text int ciphlen, //input:cipher text length int blksize, //input:block size const IppsDESSpec* ctx0, //input:first //component of TDES context const IppsDESSpec* ctx1, //input:second //component of TDES context const IppsDESSpec* ctx2, //input:third //component of TDES context const Ipp8u* iv, //input:initial vector IppsCPPadding padding) //input:padding 3.6 TDES-CFB example // TDES CFB encryption/decryption // icpc -xhost -ipp=crypto 000TDES2.cpp

3.6 TDES-CFB example 29 #include "ippcp.h" #include<iostream> using namespace std; int main(){ const int blksize = 8; // TDES block size int ctxsize; // TDES context size ippsdesgetsize(&ctxsize); // evaluating TDES context size // allocate memory for TDES context IppsDESSpec* ctx0 = (IppsDESSpec*)( new Ipp8u [ctxsize] ); IppsDESSpec* ctx1 = (IppsDESSpec*)( new Ipp8u [ctxsize] ); IppsDESSpec* ctx2 = (IppsDESSpec*)( new Ipp8u [ctxsize] ); Ipp8u key0[] = {0x01,0x2,0x3,0x4,0x5,0x6,0x7,0x8}; Ipp8u key1[] = {0x02,0x1,0x3,0x4,0x5,0x6,0x7,0x8}; Ipp8u key2[] = {0x05,0x2,0x3,0x4,0x5,0x6,0x7,0x8}; ippsdesinit(key0, ctx0); // TDES context initialization ippsdesinit(key1, ctx1); ippsdesinit(key2, ctx2); // plain text Ipp8u plain[]={"tdes Cipher Feedback mode of operation "}; cout << "Plain text: "<< plain << endl; // cipher text array of size equal to multiple of blksize Ipp8u ciph[(sizeof(plain)+blksize-1) &~(blksize-1)]; // initial vector Ipp8u iv[blksize] = {0x77,0x66,0x55,0x44,0x33,0x22,0x11,0x00}; // encrypting plain text ippstdesencryptcfb(plain,ciph,sizeof(plain),blksize, ctx0,ctx1,ctx2,iv,ippscppaddingnone); Ipp8u deciph[sizeof(ciph)]; // decrypting cipher text ippstdesdecryptcfb(ciph,deciph,sizeof(ciph),blksize, ctx0,ctx1,ctx2,iv,ippscppaddingnone); cout <<"Decrypted text: "<< deciph << endl; delete (Ipp8u*) ctx0; delete (Ipp8u*) ctx1; delete (Ipp8u*) ctx2; return 0;} //Output:

3.7 Using TDES in OFB mode 30 //Plain text: TDES Cipher Feedback mode of operation //Decrypted text: TDES Cipher Feedback mode of operation 3.7 Using TDES in OFB mode In OFB mode the encryption procedure can be performed with the use of TDESEncryptOFB. IppStatus ippstdesencryptofb(const Ipp8u* plain, //input:plain //text Ipp8u* ciph, //output:cipher text int plainlen, //input:plain text length int blksize, //input:block size const IppsDESSpec* ctx0, //input:first //component of TDES context const IppsDESSpec* ctx1, //input:second //component of TDES context const IppsDESSpec* ctx2, //input:third //component of TDES context const Ipp8u* iv) //input:initial vector In the decryption we can use TDESDecryptOFB. IppStatus ippstdesdecryptofb(const Ipp8u* ciph, //input:ciph. //text Ipp8u* decr, //output:decrypted text int ciphlen, //input:cipher text length int blksize, //input:block size const IppsDESSpec* ctx0, //input:first //component of TDES context const IppsDESSpec* ctx1, //input:second //component of TDES context const IppsDESSpec* ctx2, //input:third //component of TDES context const Ipp8u* iv) //input:initial vector

3.8 TDES-OFB example 31 3.8 TDES-OFB example // TDES OFB encryption/decryption // icpc -xhost -ipp=crypto 000TDES3.cpp #include "ippcp.h" #include<cstring> #include<iostream> using namespace std; int main(){ const int blksize = 8; // TDES block size int ctxsize; // TDES context size ippsdesgetsize(&ctxsize); // evaluating TDES context size // allocate memory for TDES context IppsDESSpec* ctx0 = (IppsDESSpec*)( new Ipp8u [ctxsize] ); IppsDESSpec* ctx1 = (IppsDESSpec*)( new Ipp8u [ctxsize] ); IppsDESSpec* ctx2 = (IppsDESSpec*)( new Ipp8u [ctxsize] ); Ipp8u key0[] = {0x01,0x2,0x3,0x4,0x5,0x6,0x7,0x8}; Ipp8u key1[] = {0x02,0x1,0x3,0x4,0x5,0x6,0x7,0x8}; Ipp8u key2[] = {0x05,0x2,0x3,0x4,0x5,0x6,0x7,0x8}; ippsdesinit(key0, ctx0); // TDES context initialization ippsdesinit(key1, ctx1); ippsdesinit(key2, ctx2); // plain text Ipp8u plain[]={"tdes Output Feedback mode of operation "}; cout << "Plain text: "<< plain << endl; // cipher text array of size equal to multiple of blksize Ipp8u ciph[(sizeof(plain)+blksize-1) &~(blksize-1)]; // initial vector Ipp8u iv0[blksize] = {0x77,0x66,0x55,0x44,0x33,0x22,0x11,0x00}; Ipp8u iv[blksize]; memcpy(iv,iv0,sizeof(iv0)); // encrypting plain text ippstdesencryptofb(plain,ciph,sizeof(plain),blksize, ctx0,ctx1,ctx2,iv0); Ipp8u deciph[sizeof(ciph)]; // decrypting cipher text ippstdesdecryptofb(ciph,deciph,sizeof(ciph),blksize, ctx0,ctx1,ctx2,iv);

3.9 Using TDES in CTR mode 32 cout <<"Decrypted text: "<< deciph << endl; delete (Ipp8u*) ctx0; delete (Ipp8u*) ctx1; delete (Ipp8u*) ctx2; return 0;} //Output: //Plain text: TDES Output Feedback mode of operation //Decrypted text: TDES Output Feedback mode of operation 3.9 Using TDES in CTR mode In CTR mode the encryption procedure can be performed with the use of TDESEncryptCTR. IppStatus ippstdesencryptctr(const Ipp8u* plain, //input:plain //text Ipp8u* ciph, //output:cipher text int plainlen, //input:plain text length const IppsDESSpec* ctx0, //input:first //component of TDES context const IppsDESSpec* ctx1, //input:second //component of TDES context const IppsDESSpec* ctx2, //input:third //component of TDES context const Ipp8u* ctr, //input:counter const int ctrnumbitsize) //input:counter //size In the decryption we can use TDESDecryptCTR.

3.10 TDES-CTR example 33 IppStatus ippstdesdecryptctr(const Ipp8u* ciph, //input:ciph. //text Ipp8u* decr, //output:decrypted text int ciphlen, //input:cipher text length const IppsDESSpec* ctx0, //input:first //component of TDES context const IppsDESSpec* ctx1, //input:second //component of TDES context const IppsDESSpec* ctx2, //input:third //component of TDES context const Ipp8u* ctr, //input:counter const int ctrnumbitsize) //input:counter //size 3.10 TDES-CTR example // TDES CTR encryption/decryption // icpc -xhost -ipp=crypto 000TDES4.cpp #include "ippcp.h" #include<cstring> #include<iostream> using namespace std; int main(){ const int blksize = 8; // TDES block size int ctxsize; // TDES context size ippsdesgetsize(&ctxsize); // evaluating TDES context size // allocate memory for TDES context IppsDESSpec* ctx0 = (IppsDESSpec*)( new Ipp8u [ctxsize] ); IppsDESSpec* ctx1 = (IppsDESSpec*)( new Ipp8u [ctxsize] ); IppsDESSpec* ctx2 = (IppsDESSpec*)( new Ipp8u [ctxsize] ); Ipp8u key0[] = {0x01,0x2,0x3,0x4,0x5,0x6,0x7,0x8}; Ipp8u key1[] = {0x02,0x1,0x3,0x4,0x5,0x6,0x7,0x8}; Ipp8u key2[] = {0x05,0x2,0x3,0x4,0x5,0x6,0x7,0x8}; ippsdesinit(key0, ctx0); // TDES context initialization ippsdesinit(key1, ctx1); ippsdesinit(key2, ctx2); // plain text Ipp8u plain[] = {"TDES Counter mode of operation"};

3.10 TDES-CTR example 34 cout << "Plain text: "<< plain << endl; // cipher text array of size equal to multiple of blksize Ipp8u ciph[(sizeof(plain)+blksize-1) &~(blksize-1)]; // counter Ipp8u ctr0[blksize] = {0xff,0xee,0xdd,0xcc,0xbb,0xaa,0x99,0x88}; Ipp8u ctr[blksize]; int ctrnumbitsize = 64; memcpy(ctr,ctr0,sizeof(ctr0)); // encrypting plain text ippstdesencryptctr(plain,ciph,sizeof(plain), ctx0,ctx1,ctx2,ctr,ctrnumbitsize); Ipp8u deciph[sizeof(ciph)]; memcpy(ctr, ctr0, sizeof(ctr0)); // decrypting cipher text ippstdesdecryptctr(ciph,deciph,sizeof(ciph), ctx0,ctx1,ctx2,ctr,ctrnumbitsize); cout <<"Decrypted text: "<< deciph << endl; delete (Ipp8u*) ctx0; delete (Ipp8u*) ctx1; delete (Ipp8u*) ctx2; return 0;} //Output: //Plain text: TDES Counter mode of operation //Decrypted text: TDES Counter mode of operation

Chapter 4 Rijndael AES (Advanced Encryption Standard) is the most popular successor of DES/TDES. Its detailed description can be found in [FIPS197]. It uses the Rijndael algorithm developed by Joan Daemen and Vincent Rijmen. In Rijndael algorithm the block sizes and key sizes can be (independently) set to 128, 192 or 256 bits. We shall describe the corresponding versions in separate sections. Remark. AES uses the special case of Rijndael algorithm with block size equal to 128 bits. The AES keys can have 128, 192 or 256 bits. 4.1 Rijndael128 context preparation To start encrypting and decrypting using Rijndael algorithm with 128- bit block size we have to prepare an appropriate context. The function Rijndael128GetSize shows how much memory we need. IppStatus ippsrijndael128getsize(int* size) //output: // Rijndael128 context size in bytes Using the obtained value we can allocate a sufficient amount of memory. Next we can use a key and one of the functions Rijndael128Init, SafeRijndael128Init to initialize that context.

4.2 Using Rijndael128 in ECB mode 36 IppStatus ippsrijndael128init(const Ipp8u* key, //input:key IppsRijndaelKeyLength keylen, //input: //key length IppsRijndael128Spec* ctx) //output: //initialized Rijndael128 context There are three possible values of IppsRijndaelKeyLength: IppsRijndaelKey128, IppsRijndaelKey192 and IppsRijndaelKey256. One can also choose slightly slower but more secure implementation of the algorithm. IppStatus ippssaferijndael128init(const Ipp8u* key,//input:key IppsRijndaelKeyLength keylen, //input: //key length IppsRijndael128Spec* ctx) //output: //initialized Rijndael128 context 4.2 Using Rijndael128 in ECB mode To encrypt and decrypt we have to choose an appropriate operation mode. In ECB mode the encryption procedure can be performed with the use of Rijndael128EncryptECB. IppStatus ippsrijndael128encryptecb(const Ipp8u* plain,//input: //plain text Ipp8u* ciph, //output:cipher text int plainlen, //input:plain text length const IppsRijndael128Spec* ctx, //input: //Rijndael128 context IppsCPPadding padding) //input:padding In the decryption we can use Rijndael128DecryptECB.

4.3 Rijndael128-ECB example 37 IppStatus ippsrijndael128decryptecb(const Ipp8u* ciph,//input: //cipher text Ipp8u* decr, //output:decrypted text int ciphlen, //input:cipher text length const IppsRijndael128Spec* ctx, //input: //Rijndael128 context IppsCPPadding padding) //input:padding 4.3 Rijndael128-ECB example // Rijndael128 ECB encryption/decryption // icpc -xhost -ipp=crypto 000AES00.cpp #include "ippcp.h" #include<iostream> using namespace std; int main(){ const int blksize = 16; //block size int ctxsize; //context size ippsrijndael128getsize(&ctxsize); //evaluating context size // allocate memory for Rijndael context IppsRijndael128Spec* ctx = (IppsRijndael128Spec*) ( new Ipp8u [ctxsize] ); // 128-bit key //Ipp8u key[16] = {0xff,0xee,0xdd,0xcc,0xbb,0xaa,0x99,0x88, //0x77,0x66,0x55,0x44,0x33,0x22,0x11,0x00}; // 256-bit key Ipp8u key[32] = {0xff,0xee,0xdd,0xcc,0xbb,0xaa,0x99,0x88, 0x77,0x66,0x55,0x44,0x33,0x22,0x11,0x00, 0xff,0xee,0xdd,0xcc,0xbb,0xaa,0x99,0x88, 0x77,0x66,0x55,0x44,0x33,0x22,0x11,0x00}; // Rijndael context initialization //ippsrijndael128init(key,ippsrijndaelkey128,ctx);//128-bit key //case ippsrijndael128init(key,ippsrijndaelkey256,ctx); //256-bit key // plain text Ipp8u plain[] = "Rijndael-128 Electronic Code Book mode "; //cout<< sizeof(plain)<<endl;

4.4 Using Rijndael128 in CBC mode 38 cout << "Plain text: "<< plain << endl; // cipher text array of size equal to multiple of blksize Ipp8u ciph[(sizeof(plain)+blksize-1) &~(blksize-1)]; // encrypting plain text ippsrijndael128encryptecb(plain,ciph,sizeof(plain), ctx,ippscppaddingnone); Ipp8u deciph[sizeof(ciph)]; // decrypting cipher text ippsrijndael128decryptecb(ciph,deciph,sizeof(ciph), ctx,ippscppaddingnone); cout <<"Decrypted text: "<< deciph << endl; delete (Ipp8u*) ctx; return 0;} //Output: //Plain text: Rijndael-128 Electronic Code Book mode //Decrypted text: Rijndael-128 Electronic Code Book mode 4.4 Using Rijndael128 in CBC mode In CBC mode the encryption procedure can be performed with the use of Rijndael128EncryptCBC. IppStatus ippsrijndael128encryptcbc(const Ipp8u* plain,//input: //plain text Ipp8u* ciph, //output:cipher text int plainlen, //input:plain text length const IppsRijndael128Spec* ctx, //input: //Rijndael128 context const Ipp8u* iv, //input:initial vector IppsCPPadding padding) //input:padding In the decryption we can use Rijndael128DecryptCBC.

4.5 Rijndael128-CBC example 39 IppStatus ippsrijndael128decryptcbc(const Ipp8u* ciph,//input: //cipher text Ipp8u* decr, //output:decrypted text int ciphlen, //input:cipher text length const IppsRijndael128Spec* ctx, //input: //Rijndael128 context const Ipp8u* iv, //input:initial vector IppsCPPadding padding) //input:padding 4.5 Rijndael128-CBC example // Rijndael128 CBC encryption/decryption // icpc -xhost -ipp=crypto 000AES01.cpp #include "ippcp.h" #include<iostream> using namespace std; int main(){ const int blksize = 16; // block size int ctxsize; // context size ippsrijndael128getsize(&ctxsize); // evaluating context size // allocate memory for Rijndael context IppsRijndael128Spec* ctx = (IppsRijndael128Spec*) ( new Ipp8u [ctxsize] ); // 128-bit key //Ipp8u key[16] = {0xff,0xee,0xdd,0xcc,0xbb,0xaa,0x99,0x88, //0x77,0x66,0x55,0x44,0x33,0x22,0x11,0x00}; // 256-bit key Ipp8u key[32] = {0xff,0xee,0xdd,0xcc,0xbb,0xaa,0x99,0x88, 0x77,0x66,0x55,0x44,0x33,0x22,0x11,0x00, 0xff,0xee,0xdd,0xcc,0xbb,0xaa,0x99,0x88, 0x77,0x66,0x55,0x44,0x33,0x22,0x11,0x00}; // Rijndael context initialization //ippsrijndael128init(key,ippsrijndaelkey128,ctx);//128-bit key //case ippsrijndael128init(key,ippsrijndaelkey256,ctx); //256-bit key // plain text Ipp8u plain[] = "Rijndael-128 Cipher Block Chaining mode ";

4.6 Using Rijndael128 in CFB mode 40 //cout<< sizeof(plain)<<endl; cout << "Plain text: "<< plain << endl; // cipher text array of size equal to multiple of blksize Ipp8u ciph[(sizeof(plain)+blksize-1) &~(blksize-1)]; // initial key Ipp8u iv[blksize] = {0x0f,0x0e,0x0d,0x0c,0x0b,0x0a,0x09,0x08, 0x07,0x06,0x05,0x04,0x03,0x02,0x01,0x00}; // encrypting plain text ippsrijndael128encryptcbc(plain,ciph,sizeof(plain), ctx,iv,ippscppaddingnone); Ipp8u deciph[sizeof(ciph)]; // decrypting cipher text ippsrijndael128decryptcbc(ciph,deciph,sizeof(ciph), ctx,iv,ippscppaddingnone); cout <<"Decrypted text: "<< deciph << endl; delete (Ipp8u*) ctx; return 0;} //Output: //Plain text: Rijndael-128 Cipher Block Chaining mode //Decrypted text: Rijndael-128 Cipher Block Chaining mode 4.6 Using Rijndael128 in CFB mode In CFB mode the encryption procedure can be performed with the use of Rijndael128EncryptCFB. IppStatus ippsrijndael128encryptcfb(const Ipp8u* plain,//input: //plain text Ipp8u* ciph, //output:cipher text int plainlen, //input:plain text length int blksize, //input:block size const IppsRijndael128Spec* ctx, //input: //Rijndael128 context const Ipp8u* iv, //input:initial vector IppsCPPadding padding) //input:padding In the decryption we can use Rijndael128DecryptCFB.

4.7 Rijndael128-CFB example 41 IppStatus ippsrijndael128decryptcfb(const Ipp8u* ciph,//input: //cipher text Ipp8u* decr, //output:decrypted text int ciphlen, //input:cipher text length int blksize, //input:block size const IppsRijndael128Spec* ctx, //input: //Rijndael128 context const Ipp8u* iv, //input:initial vector IppsCPPadding padding) //input:padding 4.7 Rijndael128-CFB example // Rijndael128 CFB encryption/decryption // icpc -xhost -ipp=crypto 000AES02.cpp #include "ippcp.h" //#include<cstring> #include<iostream> using namespace std; int main(){ const int blksize = 16; // block size int ctxsize; // context size ippsrijndael128getsize(&ctxsize); // evaluating context size // allocate memory for Rijndael context IppsRijndael128Spec* ctx = (IppsRijndael128Spec*) ( new Ipp8u [ctxsize] ); // 128-bit key //Ipp8u key[16] = {0xff,0xee,0xdd,0xcc,0xbb,0xaa,0x99,0x88, //0x77,0x66,0x55,0x44,0x33,0x22,0x11,0x00}; // 256-bit key Ipp8u key[32] = {0xff,0xee,0xdd,0xcc,0xbb,0xaa,0x99,0x88, 0x77,0x66,0x55,0x44,0x33,0x22,0x11,0x00, 0xff,0xee,0xdd,0xcc,0xbb,0xaa,0x99,0x88, 0x77,0x66,0x55,0x44,0x33,0x22,0x11,0x00}; // Rijndael context initialization //ippsrijndael128init(key,ippsrijndaelkey128,ctx);//128-bit key //case

4.8 Using Rijndael128 in OFB mode 42 ippsrijndael128init(key,ippsrijndaelkey256,ctx); //256-bit key // plain text Ipp8u plain[] = "Rijndael-128 Cipher Feedback mode of operation "; //cout<< sizeof(plain)<<endl; cout << "Plain text: "<< plain << endl; // cipher text array of size equal to multiple of blksize Ipp8u ciph[(sizeof(plain)+blksize-1) &~(blksize-1)]; // initial vector Ipp8u iv[blksize] = {0x0f,0x0e,0x0d,0x0c,0x0b,0x0a,0x09,0x08, 0x07,0x06,0x05,0x04,0x03,0x02,0x01,0x00}; // encrypting plain text ippsrijndael128encryptcfb(plain,ciph,sizeof(plain), blksize,ctx,iv,ippscppaddingnone); Ipp8u deciph[sizeof(ciph)]; // decrypting cipher text ippsrijndael128decryptcfb(ciph,deciph,sizeof(ciph), blksize,ctx,iv,ippscppaddingnone); cout <<"Decrypted text: "<< deciph << endl; delete (Ipp8u*) ctx; return 0;} //Output: //Plain text: Rijndael-128 Cipher Feedback mode of operation //Decrypted text: Rijndael-128 Cipher Feedback mode of operation 4.8 Using Rijndael128 in OFB mode In OFB mode the encryption procedure can be performed with the use of Rijndael128EncryptOFB.

4.9 Rijndael128-OFB example 43 IppStatus ippsrijndael128encryptofb(const Ipp8u* plain,//input: //plain text Ipp8u* ciph, //output:cipher text int plainlen, //input:plain text length int blksize, //input:block size const IppsRijndael128Spec* ctx, //input: //Rijndael128 context const Ipp8u* iv) //input:initial vector In the decryption we can use Rijndael128DecryptOFB. IppStatus ippsrijndael128decryptofb(const Ipp8u* ciph,//input: //cipher text Ipp8u* decr, //output:decrypted text int ciphlen, //input:cipher text length int blksize, //input:block size const IppsRijndael128Spec* ctx, //input: //Rijndael128 context const Ipp8u* iv) //input:initial vector 4.9 Rijndael128-OFB example // Rijndael128 OFB encryption/decryption // icpc -xhost -ipp=crypto 000AES03.cpp #include "ippcp.h" #include<cstring> #include<iostream> using namespace std; int main(){ const int blksize = 16; // block size int ctxsize; // context size ippsrijndael128getsize(&ctxsize); // evaluating context size // allocate memory for Rijndael context IppsRijndael128Spec* ctx = (IppsRijndael128Spec*) ( new Ipp8u [ctxsize] ); // 128-bit key

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback