With 3DES encryption, we use a 128-bit key and a 64-bit IV value. The two modes supported are ECB (without salt) and CBC (with salt). The DES algorithm has been around for a long time, and the 56-bit version is now easily crackable (in less than a day on fairly modest equipment). An enhancement, and one which is still fairly compatible with DES, is the 3-DES algorithm. It has three phases, and splits the key into two. Overall the key size is typically 112 bits (with a combination of the three keys - of which two of the keys are the same). In this case we will use PKCS7 padding, and which fills the input data with a value that is equal to the number of padding bytes. Overall, DES has a 64-bit block size, and which equates to eight ASCII characters.
3DES CBC/ECB Encryption with C# |
Method
With 3DES encryption, we use a 128-bit key and a 64-bit IV value. The two modes supported are ECB (without salt) and CBC (with salt). The DES algorithm has been around for a long time, and the 56-bit version is now easily crackable (in less than a day on fairly modest equipment). An enhancement, and one which is still fairly compatible with DES, is the 3-DES algorithm. It has three phases, and splits the key into two. Overall the key size is typically 112 bits (with a combination of the three keys - of which two of the keys are the same). In this case we will use PKCS7 padding, and which fills the input data with a value that is equal to the number of padding bytes.
Coding
First we create a folder named "des3", and then go into that folder.We can create a Dotnet console project for .NET 8.0 with:
dotnet new console --framework net8.0
This produces a Csproject file of:
<Project Sdk="Microsoft.NET.Sdk"> <PropertyGroup> <OutputType>Exe</OutputType> <TargetFramework>net8.0</TargetFramework> <ImplicitUsings>enable</ImplicitUsings> <Nullable>enable</Nullable> </PropertyGroup> </Project>
The following is the coding:
namespace DES3 { class Program { static void Main(string[] args) { var plaintext="Hello"; var mykey="test"; var iv="0001020304050607"; var mode="CBC"; try { if (args.Length >0) plaintext=args[0]; if (args.Length >1) mykey=args[1]; if (args.Length >2) iv=args[2]; if (args.Length >3) mode=args[3]; var des=System.Security.Cryptography.TripleDES.Create(); var key=System.Security.Cryptography.Rfc2898DeriveBytes.Pbkdf2(System.Text.Encoding.UTF8.GetBytes(mykey),System.Text.Encoding.UTF8.GetBytes(""),1000,new System.Security.Cryptography.HashAlgorithmName("SHA256"),16); if (mode == "CBC") des.Mode = System.Security.Cryptography.CipherMode.CBC; else if (mode == "ECB") des.Mode = System.Security.Cryptography.CipherMode.ECB; des.Padding = System.Security.Cryptography.PaddingMode.PKCS7; des.BlockSize = 64; des.IV=System.Convert.FromHexString(iv); des.Key =key; var bytes = System.Text.Encoding.UTF8.GetBytes(plaintext); var encryptor = des.CreateEncryptor(); var encryptedData = encryptor.TransformFinalBlock(bytes, 0, bytes.Length); var decryptor = des.CreateDecryptor(); var pl = decryptor.TransformFinalBlock(encryptedData, 0, encryptedData.Length); Console.WriteLine("Plaintext: {0}",plaintext); Console.WriteLine("IV: {0}",mykey); Console.WriteLine("Passphrase for key: {0}",iv); Console.WriteLine("Key: {0}",Convert.ToBase64String(key)); Console.WriteLine("Mode: {0}",mode); Console.WriteLine("\nCipher: {0} [{1}]",Convert.ToBase64String(encryptedData),Convert.ToHexString(encryptedData)); Console.WriteLine("PLaintext (decrypt): {0}",System.Text.Encoding.ASCII.GetString(pl)); } catch (Exception e) { Console.WriteLine("Error: {0}",e.Message); } } } }
In this case we use PBKDF2 to generate a 16 byte key (128 bits). Note that the key size is only 112 bits (14 bytes), so we will ignore the last two bytes in the generated key. A sample run shows:
Plaintext: qwerty IV: 0001020304050607 Passphrase for key: password1234 Key: Jc8a2yp3owJNw/Q8Bq02eg== Mode: CBC Cipher: 0sio9HBkWeg= [D2C8A8F4706459E8] PLaintext (decrypt): qwerty
Presentation
Here is an outline: