目录
实验内容
编程实现基于DES的集中式密钥分配协议的仿真过程,实验中包含至少10个用户,并可在任意两个用户间进行保密通信。会话内容以.txt文件格式传输。输出每一步所传递的信息和解密后的信息,并比较正式会话过程中解密后的明文信息同原来的会话文件是否一致。
实验原理
对称密码的集中式密钥分配协议
集中式密钥分配是由密钥分配中心KDC或由一组节点组成层次结构负责密钥的产生和分配给通信双方的任务。这样的分配方式可减少用户需要保存的会话密钥数量,用户仅需保存同KDC通信的加密密钥即可。
step1
A向KDC发送会话密钥请求。请求的消息包含A和B的身份信息及一个用于唯一标识本次业务的随机数N1。N1由会话密钥请求发起人每次请求时随机生成,常用一个时间戳、一个计数器或一个随机数作为这个标识符。并且为防止攻击者对N1的猜测,用随机数作为这个标识符最合适。
1. A->KDC: ID(A) || ID(B) || N1
step2
KDC对A的请求发出应答。应答包含密钥KA加密的信息,因此只有A才能成功对这一信息进行解密,并且A可以相信信息的确是由KDC发出的。信息中包括A希望得到的一次性会话密钥KS和step1中A发送的请求中的随机数N1。这样A可以验证应答与请求是否匹配,并验证自己发出的请求在被KDC收到之前是否被他人篡改。此外,A还可以根据一次性随机数相信自己收到的应答是否为重放的过去的应答。
除去A需要的必要信息,还包括B希望得到的两项内容。A的身份和一次性会话密钥KS,这两项用KB加密,并由A转发给B,以建立A和B之间的连接并用于向B证明A的身份。
2. KDC->A: E(Ka)[Ks || ID(A) || ID(B) || N1 || E(Kb)[Ks || ID(A)]]
step3
A存储会话密钥后,向B转发其所需的两项内容。因为转发的内容是由KB加密后的密文,所以转发的过程中不会被窃听。B收到后,可以获得会话密钥KS和A的身份确认,并且还可以从Ekb得知KS的确来自KDC。
3.A->B: E(Kb)[Ks || ID(A)]
step4
B用KS加密另一个一次性随机数N2后,并将其发送给A
4.B->A: E(Ks)[N2]
step5
A以f(N2) 作为对B的应答,其中f是对N2进行某种变换的函数,并将应答用会话密钥加密后发送给B
5.A->B: E(Ks)[f(N2)]
对称密码技术的密钥分配方案可参考这篇博客
对称密码技术的密钥分配_real_metrix的博客-CSDN博客
DES算法
DES算法,包括代码实现都在下面这篇博客
DES的加密与解密(C语言实现)——大三密码学实验_西瓜妹妹的唯一男朋友的博客-CSDN博客
ECB(电码本模式)
考虑到最后要以txt形式进行明文传输,可以用ECB
ECB与DES的结合,包括代码实现可以参考下面这篇博客
DES的加密解密在ECB上的使用(C语言实现)——大三密码学实验_西瓜妹妹的唯一男朋友的博客-CSDN博客
代码实现
用户结构体的声明
struct USER {
char name;
string key;
string ID;
};
struct USER user[10] = {'A',"1234567a","11111111",'B',"1234567b","22222222",'C',"1234567c","33333333",'D',"1234567d","44444444",'E',"1234567e","55555555",'F',"1234567f","66666666",'G',"1234567g","77777777",'H',"1234567h","88888888",'I',"1234567i","99999999",'J',"1234567j","00000000"};
name即它的名字,一个字符
key为对应的字符串密钥
ID为身份信息
初始化10个用户,比如第一个用户为A,密钥为"1234567a",身份信息为"11111111";
全局变量的声明
int key_3[17][48];//储存密钥的中间变量
int zhihuan2[48] = { 14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10, 23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2, 41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48, 44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32 }; //置换2
int e[48] = { 32, 1, 2, 3, 4, 5,4, 5, 6, 7, 8, 9,8, 9, 10, 11, 12, 13,12, 13, 14, 15, 16, 17,16, 17, 18, 19, 20, 21,20, 21, 22, 23, 24, 25,24, 25, 26, 27, 28, 29,28, 29, 30, 31, 32, 1 }; //E盒
int p[32] = { 16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10, 2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25 }; //P盒
int zhihuan1[56] = { 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36, 63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22, 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4 }; //置换1
int IP[64] = { 58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4, 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8, 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3, 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7 }; //IP置换
int IP_1[64] = { 40, 8, 48, 16, 56, 24, 64, 32, 39, 7, 47, 15, 55, 23, 63, 31, 38, 6, 46, 14, 54, 22, 62, 30, 37, 5, 45, 13, 53, 21, 61, 29, 36, 4, 44, 12, 52, 20, 60, 28, 35, 3, 43, 11, 51, 19, 59, 27, 34, 2, 42, 10, 50, 18, 58, 26, 33, 1, 41, 9, 49, 17, 57, 25 }; //IP_1置换
unsigned char IDa[8], IDb[8], N1[8],N2[8],temp1[16],temp2[8],temp3[8];//用户1和2的ID,N1识别业务,temp1第二步得到的kb加密的密文,temp2,temp3中间变量
unsigned char ka[8], kb[8];//用户1和2的密钥
unsigned char ks[8];//随机生成ks
unsigned char step_2[48];//第二步最后的加密
unsigned char step_4[8];//第四步要转发的密文
unsigned char step_5[8];//第五步最后的加密
int key_l[17][28];//16轮左密钥
int key_r[17][28];//16轮右密钥
int key_2[17][56];//16轮总密钥
int users2[2];//用户的索引值
int index;//第四步得出的user1的索引值
各个变量的含义已经在注释中给出
find_number函数的构建
int find_number(char name) {
int n=0;
for (int i = 0; i < 10; i++) {
if (user[i].name == name) {
n = i;
break;
}
}
return n;
}
通过输入的用户名得到其对应的用户结构体数组中的索引值
finde_index函数的构建
int find_index(unsigned char temp[8]) {
int flag = 0;
for (int i = 0; i < 10; i++) {
flag = 0;
for (int j = 0; j < 8; j++) {
if (user[i].ID[j] == temp[j]) {
flag++;
}
else {
break;
}
}
if (flag == 8) {
return i;
break;
}
}
}
通过输入的用户身份信息来寻找其在用户结构体数组对应的索引值
DES和RE_DES函数的构建
关于DES算法所需要的函数都在下面这篇博客
DES的加密解密在ECB上的使用(C语言实现)——大三密码学实验_西瓜妹妹的唯一男朋友的博客-CSDN博客
ECB和RE_ECB函数的实现
与上面博客相比,对其做了一些改变
ECB函数的构建
int ECB(unsigned char b[8],char user1,char user2) {
FILE* input = fopen("C:\\Users\\Administrator\\Desktop\\测试文件\\CKD_input.txt", "r");
FILE* output = fopen("C:\\Users\\Administrator\\Desktop\\测试文件\\CKD_output.txt", "a");
int size, size1;
unsigned char a[8], plus3[8];
fseek(input, 0, SEEK_END);
size = ftell(input);
fseek(input, 0, SEEK_SET);
char c;
cout << user1<< "发送的明文为" << endl;
for (int i = 0; i < size; i++) {
fread(&c, 1, 1, input);
cout << c;
}
cout << endl;
fseek(input, 0, SEEK_SET);
for (int i = 0; i < size / 8; i++) {
fread(a, 8, 1, input);
DES(a, b, plus3);
fwrite(plus3, 8, 1, output);
}
size1 = size % 8;
fread(a, size1, 1, input);
for (int i = size1; i < 8; i++) {
a[size1] = '0';
}
DES(a, b, plus3);
fwrite(plus3, 8, 1, output);
fclose(input);
fclose(output);
return size;
}
主要添加了把明文文件的每个字节输出的功能
RE_ECB函数的构建
void RE_ECB(unsigned char b[8], int size,char user1,char user2) {
FILE* input1 = fopen("C:\\Users\\Administrator\\Desktop\\测试文件\\CKD_output.txt", "r");
FILE* output1 = fopen("C:\\Users\\Administrator\\Desktop\\测试文件\\CKD_reinput.txt", "a");
unsigned char min_plus[8];
int size1;
unsigned char a[8];
fseek(input1, 0, SEEK_END);
size1 = ftell(input1);
fseek(input1, 0, SEEK_SET);
for (int i = 0; i < size / 8; i++) {
fread(a, 8, 1, input1);
RE_DES(a, b, min_plus);
fwrite(min_plus, 8, 1, output1);
}
size1 = 8 - (size1 - size);
fread(a, 8, 1, input1);
RE_DES(a, b, min_plus);
fwrite(min_plus, size1, 1, output1);
fclose(input1);
fclose(output1);
}
添加了将解密后得到的明文每个字节输出的功能
对称密码的集中式密钥分配协议的核心部分
step1函数的构建
void step1(char user1, char user2) {
int temp;
for (int i = 0; i < 8; i++) {//随机生成N1
temp = 48 + rand() % 10;
N1[i] = char(temp);
}
cout << "--------------------(1)" << user1 << "向KDC发出会话密钥请求:请求的消息由" << user1 << "和" << user2 << "的身份,惟一识别符N1。明文传输--------------------" << endl;
cout << "生成随机标识符N1:";
for (int i = 0; i < 8; i++) {
cout << N1[i];
}
cout << endl;
int n1, n2;//分别是通讯方和被通讯方的索引值
n1 = find_number( user1);
n2 = find_number( user2);
users2[0] = n1;
users2[1] = n2;
cout << user[n1].ID << "|" << user[n2].ID << "|";
for (int i = 0; i < 8; i++) {
IDa[i] = user[n1].ID[i];
IDb[i] = user[n2].ID[i];
}
for (int i = 0; i < 8; i++) {
cout << N1[i];
}
cout << endl;
}
即实现分配协议的第一步
通过rand函数生成48-57之间的任意整数,通过char转类型,范围为'0'-'9',这样方便带入DES算法进行加密(DES算法的参数为字符型数组)
然后将生成的标识符输出
再找到两个用户对应的索引值,进而找到他们的身份信息并将其输出
最后再把生成的标识符输出
表明两个用户的身份信息以及N1已经发送给KDC;
step2函数的构建
void step2(char user1, char user2) {
cout << "--------------------(2)" << "KDC为" << user1 << "的请求发出应答 E(Ka)[Ks || ID(A) || ID(B) || N1 || E(Kb)[Ks || ID(A)]]--------------------" << endl;
for (int i = 0; i < 8; i++) {//找密钥
ka[i] = user[users2[0]].key[i];
kb[i] = user[users2[1]].key[i];
}
int temp;
for (int i = 0; i < 8; i++) {
temp = 48 + rand() % 10;
ks[i] = char(temp);
}
//E(kb)[ks||ID(A)]
unsigned char temp2[8];
DES(ks, kb, temp2);
for (int i = 0; i < 8; i++) {
temp1[i] = temp2[i];
}
DES(IDa, kb, temp2);
for (int i = 0; i < 8; i++) {
temp1[i+8] = temp2[i];
}
cout << "kb加密的部分为:" ;
for (int i = 0; i < 16; i++) {
cout << temp1[i];
}
cout << endl;
//E(ka)[ks||IDa||IDb||N1]
DES(ks, ka, temp2);
for (int i = 0; i < 8; i++) {
step_2[i] = temp2[i];
}
DES(IDa, ka, temp2);
for (int i = 8; i < 16; i++) {
step_2[i] = temp2[i-8];
}
DES(IDb, ka, temp2);
for (int i = 16; i < 24; i++) {
step_2[i] = temp2[i-16];
}
DES(N1, ka, temp2);
for (int i = 24; i < 32; i++) {
step_2[i] = temp2[i-24];
}
//把temp1分解成两个8字节加密
for (int i = 0; i < 2; i++) {
for (int j = 0; j < 8; j++) {
temp3[j] = temp1[i * 8 + j];
}
DES(temp3, ka, temp2);
for (int j = 0; j < 8; j++) {
step_2[32 + i * 8 + j] = temp2[j];
}
}
cout << "KDC已经找到" << user1 << "的密钥:";
for (int i = 0; i < 8; i++) {
cout << ka[i];
}
cout << "," << user2 << "的密钥:";
for (int i = 0; i < 8; i++) {
cout << kb[i];
}
cout << endl;
}
先找到两个用户的密钥并将其存储下来
然后以类似于生成N1的方式生成一次性会话密钥KS
temp2为中间变量数组
接下来用DES算法对一次性会话密钥KS和用户1的身份信息加密,密钥为用户2的密钥
结果储存在数组temp1里
再通过DES算法依次对一次性会话密钥、用户1的身份信息、用户2的身份信息以及temp1进行加密,密钥为用户1的密钥,其中前几个变量都是8字节数组,而temp1为16进制数组,则temp1分两次处理,最后加密结果都放在step_2数组中
最后把用户1和用户2的密钥输出
step3函数的构建
void step3(char user1, char user2) {
cout << "--------------------(3)";
cout << user1 << "存储会话密钥,并向";
cout << user2 << "转发EKB[KS||IDA]--------------------" << endl;
cout << user1 << "向" << user2 << "转发: ";
for (int i = 0; i < 16; i++) {
cout << temp1[i];
}
cout << endl;
}
即将上一步用户2的密钥加密的部分输出
step4函数的构建
void step4(char user1, char user2) {
cout << "--------------------(4)" << user2 << "用ks加密随机数N2,并将加密结果转发给" << user1<<"--------------------" << endl;
for (int i = 0; i < 8; i++) {
temp3[i] = temp1[i];
}
RE_DES(temp3, kb, temp2);//解密得出ks
cout << user2;
cout << "得到了会话密钥:";
for (int i = 0; i < 8; i++) {
cout << temp2[i];
}
for (int i = 0; i < 8; i++) {
temp3[i] = temp1[i + 8];
}
RE_DES(temp3, kb, temp2);//解密得出发送者的ID
index = find_index(temp2);
cout << "得到" << user[index].name << "的身份信息ID: ";
for (int i = 0; i < 8; i++) {
cout << temp2[i];
}
cout << endl;
int temp;
for (int i = 0; i < 8; i++) {//生成随机数N2
temp = 48 + rand() % 10;
N2[i] = char(temp);
}
DES(N2, ks, temp2);//用ks加密N2
cout << user2<<"向"<< user[index].name <<"转发: ";
for (int i = 0; i < 8; i++) {
cout << temp2[i];
}
cout << endl;
}
将上一步用户1发送给用户2的密文进行解密
密文加密的密钥是用户2的密钥,那么解密就要用用户2的密钥
解密出的结果就是KS和用户1的身份信息
先对KS进行解密,将其输出,再将用户1的身份信息进行解密,通过find_index函数确定通讯方确实是用户1
再生成随机标识符N2,用KS加密,储存在temp2中,并输出
step5函数的构建
void step5(char user1, char user2) {
cout << "--------------------(5)" << user1 << "以f(N2)作为对" << user2 << "的应答,其中f是对N2进行某种变换的函数,并加密后发送给" << user2 << "--------------------" << endl;
//user1对上一步user2发送的进行解密
RE_DES(temp2, ks, temp3);
cout << user1<<"解密得到的随机数为: ";
for (int i = 0; i < 8; i++) {
cout << temp3[i];
}
cout << endl;
//对N2进行f变换,例如加1
temp3[7] = char(int(temp3[7])+1);
DES(temp3, ks, step_5);//对f(N2)进行加密
cout << user1 << "要转发给" << user2 << "的是:";
for (int i = 0; i < 8; i++) {
cout << step_5[i];
}
cout << endl;
//user2对user1的解密
RE_DES(step_5, ks, temp3);
temp3[7]= char(int(temp3[7]) -1);
//验证
int flag = 0;
for (int i = 0; i < 8; i++) {
if (temp3[i] != N2[i]) {
flag = 1;
break;
}
}
if (flag == 1) {
cout << "验证失败";
}
else {
cout << "验证成功";
cout << endl;
int size;
size = ECB(ks,user1,user2);
RE_ECB(ks, size,user1,user2);
char c;
FILE* output2 = fopen("C:\\Users\\Administrator\\Desktop\\测试文件\\CKD_reinput.txt", "r");
cout << user2 << "解密得到的明文为:" << endl;
for (int i = 0; i < size; i++) {
fread(&c, 1, 1, output2);
cout << c;
}
cout << endl;
fclose(output2);
FILE* min = fopen("C:\\Users\\Administrator\\Desktop\\测试文件\\CKD_reinput.txt", "r ");
FILE* min1 = fopen("C:\\Users\\Administrator\\Desktop\\测试文件\\CKD_input.txt", "r");
char p, q;
flag = 0;
for (int i = 0; i < size; i++) {
fread(&p, 1, 1, min);
fread(&q, 1, 1, min1);
if (p != q) {
flag = 1;
break;
}
}
fclose(min);
fclose(min1);
if (flag == 0) {
cout << "解密成功";
}
else {
cout << "解密失败";
}
}
}
将用户2发送给用户1的消息进行解密
再对N2做f改变,f自选,在这里的作用是把N2的最后一个字符加1
然后用KS加密加密改变后的N2,再发送给用户2
用户2进行解密,再用f函数的逆得到N2,与原来的N2做比较,如果是一样的,则验证成功,可以通过ECB来进行信息的发送,否则验证失败,不能进行信息发送
主函数的构建
int main() {
char user1, user2;
cout << "请输入通讯方:";
cin >> user1;
cout << "请输入被通讯方:";
cin >> user2;
step1(user1, user2);
step2(user1, user2);
step3(user1, user2);
step4(user1, user2);
step5(user1, user2);
return 0;
}
总代码
#define _CRT_SECURE_NO_WARNINGS
#include <stdio.h>
#include <iostream>
#include<time.h>
using namespace std;
struct USER {
char name;
string key;
string ID;
};
struct USER user[10] = { 'A',"1234567a","11111111",'B',"1234567b","22222222",'C',"1234567c","33333333",'D',"1234567d","44444444",'E',"1234567e","55555555",'F',"1234567f","66666666",'G',"1234567g","77777777",'H',"1234567h","88888888",'I',"1234567i","99999999",'J',"1234567j","00000000" };
int key_3[17][48];
int zhihuan2[48] = { 14, 17, 11, 24, 1, 5, 3, 28, 15, 6, 21, 10, 23, 19, 12, 4, 26, 8, 16, 7, 27, 20, 13, 2, 41, 52, 31, 37, 47, 55, 30, 40, 51, 45, 33, 48, 44, 49, 39, 56, 34, 53, 46, 42, 50, 36, 29, 32 }; //置换2
int e[48] = { 32, 1, 2, 3, 4, 5,4, 5, 6, 7, 8, 9,8, 9, 10, 11, 12, 13,12, 13, 14, 15, 16, 17,16, 17, 18, 19, 20, 21,20, 21, 22, 23, 24, 25,24, 25, 26, 27, 28, 29,28, 29, 30, 31, 32, 1 }; //E盒
int p[32] = { 16, 7, 20, 21, 29, 12, 28, 17, 1, 15, 23, 26, 5, 18, 31, 10, 2, 8, 24, 14, 32, 27, 3, 9, 19, 13, 30, 6, 22, 11, 4, 25 }; //P盒
int zhihuan1[56] = { 57, 49, 41, 33, 25, 17, 9, 1, 58, 50, 42, 34, 26, 18, 10, 2, 59, 51, 43, 35, 27, 19, 11, 3, 60, 52, 44, 36, 63, 55, 47, 39, 31, 23, 15, 7, 62, 54, 46, 38, 30, 22, 14, 6, 61, 53, 45, 37, 29, 21, 13, 5, 28, 20, 12, 4 }; //置换1
int IP[64] = { 58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4, 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8, 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3, 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7 }; //IP置换
int IP_1[64] = { 40, 8, 48, 16, 56, 24, 64, 32, 39, 7, 47, 15, 55, 23, 63, 31, 38, 6, 46, 14, 54, 22, 62, 30, 37, 5, 45, 13, 53, 21, 61, 29, 36, 4, 44, 12, 52, 20, 60, 28, 35, 3, 43, 11, 51, 19, 59, 27, 34, 2, 42, 10, 50, 18, 58, 26, 33, 1, 41, 9, 49, 17, 57, 25 }; //IP_1置换
unsigned char IDa[8], IDb[8], N1[8],N2[8],temp1[16],temp2[8],temp3[8];//用户1和2的ID,N1识别业务,temp1第二步得到的kb加密的密文,temp2,temp3中间变量
unsigned char ka[8], kb[8];//用户1和2的密钥
unsigned char ks[8];//随机生成ks
unsigned char step_2[48];//第二步最后的加密
unsigned char step_4[8];//第四步要转发的密文
unsigned char step_5[8];//第五步最后的加密
int key_l[17][28];//16轮密钥
int key_r[17][28];
int key_2[17][56];
int users2[2];//用户的索引值
int index;//第四步得出的user1的索引值
int get(int r) //得到第r轮的移位数
{
int i;
if (r == 1 || r == 2 || r == 9 || r == 16) {
i = 1;
}
else {
i = 2;
}
return i;
}
void yihuo(int* a, int* b, int num) //异或
{
int i;
for (i = 0; i < num; i++)
{
if (a[i] == b[i]) {//相同为0
a[i] = 0;
}
else {//不同为1
a[i] = 1;
}
}
}
void fuck(int a[64], int b[64], int n) {
for (int i = 0; i < n; i++) {
a[i] = b[i];
}
}
void left_move(int s[28], int s1[28], int n) //左移
{
int i, t, temp;
fuck(s, s1, 28);
for (i = 0; i < n; i++) {
temp = s[0];
for (t = 0; t < 27; t++) {
s[t] = s[t + 1];
}
s[27] = temp;//原先的左半部分第一位赋给最后一位
}
}
void exchange(int* a, int* b, int* biao, int n) //置换
{
int i, loc;
for (i = 0; i < n; i++)//输入的第biao[i]位是输出的第i位
{
loc = biao[i];
b[i] = a[loc - 1];
}
return;
}
void erzhuanshi(int* a, unsigned char* b, int n)
// a是二进制数组,b是存放十六进制的数组,n是二进制数组的大小
{
int i, j;
n = n / 8;
for (i = 0; i < n; i++)
{
j = 128 * a[8 * i] + 64 * a[8 * i + 1] + 32 * a[8 * i + 2] + 16 * a[8 * i + 3] + 8 * a[8 * i + 4] + 4 * a[8 * i + 5] + 2 * a[8 * i + 6] + 1 * a[8 * i + 7];//先转换为十进制
b[i] = (char)j;//转换为char型字符
}
}
void shizhuaner(int* a, int x, int i, int n)
// a是存放二进制的数组,x是需要进行转换的十进制数,i是第i个十进制数,n是数组大小
{
int j; n = n / 8; j = n - 1;
do {
a[i * n + j] = x % 2;//x的2进制最后一位,0or1
x = x / 2;//右移
j--;
} while (x != 0);
while (j >= 0)//如果右移后出现000....的情况
{
a[i * n + j] = 0;
j--;
}
return;
}
void s_box(int a[32], int b[48]) //S盒
{
int i, r, c, s;
int s1[4][16] = { { 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7 },{ 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8 },{ 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0 },{ 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13 } },
s2[4][16] = { { 15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10 },{ 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5 },{ 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15 },{ 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9 } },
s3[4][16] = { { 10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8 },{ 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1 },{ 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7 },{ 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12 } },
s4[4][16] = { { 7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15 },{ 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9 },{ 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 3 },{ 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14 } },
s5[4][16] = { { 2, 12, 4, 1, 7, 10, 11, 6, 8, 5, 3, 15, 13, 0, 14, 9 },{ 14, 11, 2, 12, 4, 7, 13, 1, 5, 0, 15, 10, 3, 9, 8, 6 },{ 4, 2, 1, 11, 10, 13, 7, 8, 15, 9, 12, 5, 6, 3, 0, 14 },{ 11, 8, 12, 7, 1, 14, 2, 13, 6, 15, 0, 9, 10, 4, 5, 3 } },
s6[4][16] = { { 12, 1, 10, 15, 9, 2, 6, 8, 0, 13, 3, 4, 14, 7, 5, 11 },{ 10, 15, 4, 2, 7, 12, 9, 5, 6, 1, 13, 14, 0, 11, 3, 8 },{ 9, 14, 15, 5, 2, 8, 12, 3, 7, 0, 4, 10, 1, 13, 11, 6 },{ 4, 3, 2, 12, 9, 5, 15, 10, 11, 14, 1, 7, 6, 0, 8, 13 } },
s7[4][16] = { { 4, 11, 2, 14, 15, 0, 8, 13, 3, 12, 9, 7, 5, 10, 6, 1 },{ 13, 0, 11, 7, 4, 9, 1, 10, 14, 3, 5, 12, 2, 15, 8, 6 },{ 1, 4, 11, 13, 12, 3, 7, 14, 10, 15, 6, 8, 0, 5, 9, 2 },{ 6, 11, 13, 8, 1, 4, 10, 7, 9, 5, 0, 15, 14, 2, 3, 12 } },
s8[4][16] = { { 13, 2, 8, 4, 6, 15, 11, 1, 10, 9, 3, 14, 5, 0, 12, 7 },{ 1, 15, 13, 8, 10, 3, 7, 4, 12, 5, 6, 11, 0, 14, 9, 2 },{ 7, 11, 4, 1, 9, 12, 14, 2, 0, 6, 10, 13, 15, 3, 5, 8 },{ 2, 1, 14, 7, 4, 10, 8, 13, 15, 12, 9, 0, 3, 5, 6, 11 } };
for (i = 0; i < 8; i++)
{
r = 2 * b[6 * i] + b[6 * i + 5];//第一位和最后一位构建行
c = 8 * b[6 * i + 1] + 4 * b[6 * i + 2] + 2 * b[6 * i + 3] + b[6 * i + 4];//中间四位构建列
switch (i) //选择盒子
{
case 0:s = s1[r][c]; break;
case 1:s = s2[r][c]; break;
case 2:s = s3[r][c]; break;
case 3:s = s4[r][c]; break;
case 4:s = s5[r][c]; break;
case 5:s = s6[r][c]; break;
case 6:s = s7[r][c]; break;
case 7:s = s8[r][c]; break;
}
shizhuaner(a, s, i, 32); //转化为二进制
}
}
int find_number(char name) {
int n=0;
for (int i = 0; i < 10; i++) {
if (user[i].name == name) {
n = i;
break;
}
}
return n;
}
int find_index(unsigned char temp[8]) {
int flag = 0;
for (int i = 0; i < 10; i++) {
flag = 0;
for (int j = 0; j < 8; j++) {
if (user[i].ID[j] == temp[j]) {
flag++;
}
else {
break;
}
}
if (flag == 8) {
return i;
break;
}
}
}
void DES(unsigned char a[8], unsigned char b[8], unsigned char plus3[8])
{
int m_a[64] = { 0 };
int m_b[64]; //IP置换前后的明文
int s_a[64] = { 0 };
int s_b[56]; //置换1前后的二进制密钥
int r; //轮数
int miwen[8] = { 0 }; //最终密文
int i, j = 0;
for (i = 0; i < 8; i++)
{
shizhuaner(m_a, (int)a[i], i, 64);
}
for (i = 0; i < 8; i++)
{
shizhuaner(s_a, (int)b[i], i, 64);
}
exchange(m_a, m_b, IP, 64); //明文进行初始置换
int min_l[17][32];
int min_r[17][32];
for (i = 0; i < 32; i++)//明文第0轮的左半部分
min_l[0][i] = m_b[i];
for (i = 32; i < 64; i++)//明文的右半部分
min_r[0][i - 32] = m_b[i];
exchange(s_a, s_b, zhihuan1, 56);//密钥进行PC-1置换
int run = 1;
for (int i = 0; i < 28; i++) {
key_l[0][i] = s_b[i];
key_r[0][i] = s_b[i + 28];
}
int n;
for (r = 1; r <= 16; r++) {
n = get(r);
left_move(key_l[run], key_l[run - 1], n);
left_move(key_r[run], key_r[run - 1], n);
run++;
}
//结合
for (r = 1; r <= 16; r++) {
for (i = 0; i < 28; i++) {
key_2[r][i] = key_l[r][i];
key_2[r][i + 28] = key_r[r][i];
}
}
//pc-2置换
for (r = 1; r <= 16; r++) {
exchange(key_2[r], key_3[r], zhihuan2, 48);
}
//真正的16轮密钥到此生成
int temp6[48], temp1[32];
for (int r = 1; r <= 16; r++) {
fuck(min_l[r], min_r[r - 1], 32);//左半部分等于上一轮右半部分
exchange(min_r[r - 1], temp6, e, 48);//E置换
yihuo(temp6, key_3[r], 48);//准备S盒置换
s_box(temp1, temp6);//s盒替换完毕
exchange(temp1, temp6, p, 32);//P置换
yihuo(temp6, min_l[r - 1], 32);
fuck(min_r[r], temp6, 32);
}
int plus1[64] = { 0 };
int plus2[64] = { 0 };
for (i = 0; i < 32; i++) {
plus1[i] = min_r[16][i];
plus1[i + 32] = min_l[16][i];
}
exchange(plus1, plus2, IP_1, 64);
erzhuanshi(plus2, plus3, 64);
//plus3是密文
}
void RE_DES(unsigned char a[8], unsigned char b[8], unsigned char min_plus[8]) {
//开始解密
int s_a[64] = { 0 };
int s_b[56]; //置换1前后的二进制密钥
int plus2[64], plus1[64], min_l[17][32], min_r[17][32];
for (int i = 0; i < 8; i++)
{
shizhuaner(s_a, (int)b[i], i, 64);
}
exchange(s_a, s_b, zhihuan1, 56);//密钥进行PC-1置换
int run = 1;
for (int i = 0; i < 28; i++) {
key_l[0][i] = s_b[i];
key_r[0][i] = s_b[i + 28];
}
int n;
for (int r = 1; r <= 16; r++) {
n = get(r);
left_move(key_l[run], key_l[run - 1], n);
left_move(key_r[run], key_r[run - 1], n);
run++;
}
//结合
for (int r = 1; r <= 16; r++) {
for (int i = 0; i < 28; i++) {
key_2[r][i] = key_l[r][i];
key_2[r][i + 28] = key_r[r][i];
}
}
//pc-2置换
for (int r = 1; r <= 16; r++) {
exchange(key_2[r], key_3[r], zhihuan2, 48);
}
//真正的16轮密钥到此生成
for (int i = 0; i < 8; i++) {
shizhuaner(plus2, int(a[i]), i, 64);
}
exchange(plus2, plus1, IP, 64);//IP_1置换
for (int i = 0; i < 32; i++) {
min_l[16][i] = plus1[i + 32];
min_r[16][i] = plus1[i];
}
cout << endl;
for (int r = 16; r >= 1; r--) {
fuck(min_r[r - 1], min_l[r], 32);//这一轮的左等于上一轮的右
exchange(min_r[r - 1], plus1, e, 48);//E扩展
yihuo(plus1, key_3[r], 48);//与密钥异或
s_box(plus2, plus1);//S盒置换
exchange(plus2, plus1, p, 32);//p盒置换
fuck(min_l[r - 1], plus1, 32);
yihuo(min_l[r - 1], min_r[r], 32);//异或
}
for (int i = 0; i < 32; i++) {
plus1[i + 32] = min_r[0][i];
plus1[i] = min_l[0][i];
}
exchange(plus1, plus2, IP_1, 64);;
erzhuanshi(plus2, min_plus, 64);
//min_plus是明文
}
int ECB(unsigned char b[8],char user1,char user2) {
FILE* input = fopen("C:\\Users\\Administrator\\Desktop\\测试文件\\CKD_input.txt", "r");
FILE* output = fopen("C:\\Users\\Administrator\\Desktop\\测试文件\\CKD_output.txt", "a");
int size, size1;
unsigned char a[8], plus3[8];
fseek(input, 0, SEEK_END);
size = ftell(input);
fseek(input, 0, SEEK_SET);
char c;
cout << user1<< "发送的明文为" << endl;
for (int i = 0; i < size; i++) {
fread(&c, 1, 1, input);
cout << c;
}
cout << endl;
fseek(input, 0, SEEK_SET);
for (int i = 0; i < size / 8; i++) {
fread(a, 8, 1, input);
DES(a, b, plus3);
fwrite(plus3, 8, 1, output);
}
size1 = size % 8;
fread(a, size1, 1, input);
for (int i = size1; i < 8; i++) {
a[size1] = '0';
}
DES(a, b, plus3);
fwrite(plus3, 8, 1, output);
fclose(input);
fclose(output);
return size;
}
void RE_ECB(unsigned char b[8], int size,char user1,char user2) {
FILE* input1 = fopen("C:\\Users\\Administrator\\Desktop\\测试文件\\CKD_output.txt", "r");
FILE* output1 = fopen("C:\\Users\\Administrator\\Desktop\\测试文件\\CKD_reinput.txt", "a");
unsigned char min_plus[8];
int size1;
unsigned char a[8];
fseek(input1, 0, SEEK_END);
size1 = ftell(input1);
fseek(input1, 0, SEEK_SET);
for (int i = 0; i < size / 8; i++) {
fread(a, 8, 1, input1);
RE_DES(a, b, min_plus);
fwrite(min_plus, 8, 1, output1);
}
size1 = 8 - (size1 - size);
fread(a, 8, 1, input1);
RE_DES(a, b, min_plus);
fwrite(min_plus, size1, 1, output1);
fclose(input1);
fclose(output1);
}
void step1(char user1, char user2) {
int temp;
for (int i = 0; i < 8; i++) {//随机生成N1
temp = 48 + rand() % 10;
N1[i] = char(temp);
}
cout << "--------------------(1)" << user1 << "向KDC发出会话密钥请求:请求的消息由" << user1 << "和" << user2 << "的身份,惟一识别符N1。明文传输--------------------" << endl;
cout << "生成随机标识符N1:";
for (int i = 0; i < 8; i++) {
cout << N1[i];
}
cout << endl;
int n1, n2;//分别是通讯方和被通讯方的索引值
n1 = find_number( user1);
n2 = find_number( user2);
users2[0] = n1;
users2[1] = n2;
cout << user[n1].ID << "|" << user[n2].ID << "|";
for (int i = 0; i < 8; i++) {
IDa[i] = user[n1].ID[i];
IDb[i] = user[n2].ID[i];
}
for (int i = 0; i < 8; i++) {
cout << N1[i];
}
cout << endl;
}
void step2(char user1, char user2) {
cout << "--------------------(2)" << "KDC为" << user1 << "的请求发出应答 E(Ka)[Ks || ID(A) || ID(B) || N1 || E(Kb)[Ks || ID(A)]]--------------------" << endl;
for (int i = 0; i < 8; i++) {//找密钥
ka[i] = user[users2[0]].key[i];
kb[i] = user[users2[1]].key[i];
}
int temp;
for (int i = 0; i < 8; i++) {
temp = 48 + rand() % 10;
ks[i] = char(temp);
}
//E(kb)[ks||ID(A)]
unsigned char temp2[8];
DES(ks, kb, temp2);
for (int i = 0; i < 8; i++) {
temp1[i] = temp2[i];
}
DES(IDa, kb, temp2);
for (int i = 0; i < 8; i++) {
temp1[i+8] = temp2[i];
}
cout << "kb加密的部分为:" ;
for (int i = 0; i < 16; i++) {
cout << temp1[i];
}
cout << endl;
//E(ka)[ks||IDa||IDb||N1]
DES(ks, ka, temp2);
for (int i = 0; i < 8; i++) {
step_2[i] = temp2[i];
}
DES(IDa, ka, temp2);
for (int i = 8; i < 16; i++) {
step_2[i] = temp2[i-8];
}
DES(IDb, ka, temp2);
for (int i = 16; i < 24; i++) {
step_2[i] = temp2[i-16];
}
DES(N1, ka, temp2);
for (int i = 24; i < 32; i++) {
step_2[i] = temp2[i-24];
}
//把temp1分解成两个8字节加密
for (int i = 0; i < 2; i++) {
for (int j = 0; j < 8; j++) {
temp3[j] = temp1[i * 8 + j];
}
DES(temp3, ka, temp2);
for (int j = 0; j < 8; j++) {
step_2[32 + i * 8 + j] = temp2[j];
}
}
cout << "KDC已经找到" << user1 << "的密钥:";
for (int i = 0; i < 8; i++) {
cout << ka[i];
}
cout << "," << user2 << "的密钥:";
for (int i = 0; i < 8; i++) {
cout << kb[i];
}
cout << endl;
}
void step3(char user1, char user2) {
cout << "--------------------(3)";
cout << user1 << "存储会话密钥,并向";
cout << user2 << "转发EKB[KS||IDA]--------------------" << endl;
cout << user1 << "向" << user2 << "转发: ";
for (int i = 0; i < 16; i++) {
cout << temp1[i];
}
cout << endl;
}
void step4(char user1, char user2) {
cout << "--------------------(4)" << user2 << "用ks加密随机数N2,并将加密结果转发给" << user1<<"--------------------" << endl;
for (int i = 0; i < 8; i++) {
temp3[i] = temp1[i];
}
RE_DES(temp3, kb, temp2);//解密得出ks
cout << user2;
cout << "得到了会话密钥:";
for (int i = 0; i < 8; i++) {
cout << temp2[i];
}
for (int i = 0; i < 8; i++) {
temp3[i] = temp1[i + 8];
}
RE_DES(temp3, kb, temp2);//解密得出发送者的ID
index = find_index(temp2);
cout << "得到" << user[index].name << "的身份信息ID: ";
for (int i = 0; i < 8; i++) {
cout << temp2[i];
}
cout << endl;
int temp;
for (int i = 0; i < 8; i++) {//生成随机数N2
temp = 48 + rand() % 10;
N2[i] = char(temp);
}
DES(N2, ks, temp2);//用ks加密N2
cout << user2<<"向"<< user[index].name <<"转发: ";
for (int i = 0; i < 8; i++) {
cout << temp2[i];
}
cout << endl;
}
void step5(char user1, char user2) {
cout << "--------------------(5)" << user1 << "以f(N2)作为对" << user2 << "的应答,其中f是对N2进行某种变换的函数,并加密后发送给" << user2 << "--------------------" << endl;
//user1对上一步user2发送的进行解密
RE_DES(temp2, ks, temp3);
cout << user1<<"解密得到的随机数为: ";
for (int i = 0; i < 8; i++) {
cout << temp3[i];
}
cout << endl;
//对N2进行f变换,例如加1
temp3[7] = char(int(temp3[7])+1);
DES(temp3, ks, step_5);//对f(N2)进行加密
cout << user1 << "要转发给" << user2 << "的是:";
for (int i = 0; i < 8; i++) {
cout << step_5[i];
}
cout << endl;
//user2对user1的解密
RE_DES(step_5, ks, temp3);
temp3[7]= char(int(temp3[7]) -1);
//验证
int flag = 0;
for (int i = 0; i < 8; i++) {
if (temp3[i] != N2[i]) {
flag = 1;
break;
}
}
if (flag == 1) {
cout << "验证失败";
}
else {
cout << "验证成功";
cout << endl;
int size;
size = ECB(ks,user1,user2);
RE_ECB(ks, size,user1,user2);
char c;
FILE* output2 = fopen("C:\\Users\\Administrator\\Desktop\\测试文件\\CKD_reinput.txt", "r");
cout << user2 << "解密得到的明文为:" << endl;
for (int i = 0; i < size; i++) {
fread(&c, 1, 1, output2);
cout << c;
}
cout << endl;
fclose(output2);
FILE* min = fopen("C:\\Users\\Administrator\\Desktop\\测试文件\\CKD_reinput.txt", "r ");
FILE* min1 = fopen("C:\\Users\\Administrator\\Desktop\\测试文件\\CKD_input.txt", "r");
char p, q;
flag = 0;
for (int i = 0; i < size; i++) {
fread(&p, 1, 1, min);
fread(&q, 1, 1, min1);
if (p != q) {
flag = 1;
break;
}
}
fclose(min);
fclose(min1);
if (flag == 0) {
cout << "解密成功";
}
else {
cout << "解密失败";
}
}
}
int main() {
char user1, user2;
cout << "请输入通讯方:";
cin >> user1;
cout << "请输入被通讯方:";
cin >> user2;
step1(user1, user2);
step2(user1, user2);
step3(user1, user2);
step4(user1, user2);
step5(user1, user2);
return 0;
}