Package Crypto :: Package Cipher :: Module DES
[frames] | no frames]

Module DES

DES symmetric cipher

DES (Data Encryption Standard) is a symmetric block cipher standardized by NIST . It has a fixed data block size of 8 bytes. Its keys are 64 bits long, even though 8 bits were used for integrity (now they are ignored) and do not contribute to securty.

DES is cryptographically secure, but its key length is too short by nowadays standards and it could be brute forced with some effort.

DES should not be used for new designs. Use AES.

As an example, encryption can be done as follows:

>>> from Crypto.Cipher import DES
>>> from Crypto import Random
>>>
>>> key = b'-8B key-'
>>> iv = Random.new().read(DES.block_size)
>>> cipher = DES.new(key, DES.MODE_OFB, iv)
>>> plaintext = b'sona si latine loqueris '
>>> msg = iv + cipher.encrypt(plaintext)
Classes
  DESCipher
DES cipher object
Functions
 
new(key, *args, **kwargs)
Create a new DES cipher
Variables
  MODE_ECB = 1
Electronic Code Book (ECB).
  MODE_CBC = 2
Cipher-Block Chaining (CBC).
  MODE_CFB = 3
Cipher FeedBack (CFB).
  MODE_PGP = 4
This mode should not be used.
  MODE_OFB = 5
Output FeedBack (OFB).
  MODE_CTR = 6
CounTer Mode (CTR).
  MODE_OPENPGP = 7
OpenPGP Mode.
  MODE_EAX = 9
EAX Mode.
  block_size = 8
Size of a data block (in bytes)
  key_size = 8
Size of a key (in bytes)
Function Details

new(key, *args, **kwargs)

 
Create a new DES cipher
Parameters:
  • key (byte string) - The secret key to use in the symmetric cipher. It must be 8 byte long. The parity bits will be ignored.
  • mode (a MODE_* constant) - The chaining mode to use for encryption or decryption. Default is MODE_ECB.
  • IV (byte string) - (Only MODE_CBC, MODE_CFB, MODE_OFB, MODE_OPENPGP).

    The initialization vector to use for encryption or decryption.

    It is ignored for MODE_ECB and MODE_CTR.

    For MODE_OPENPGP, IV must be block_size bytes long for encryption and block_size +2 bytes for decryption (in the latter case, it is actually the encrypted IV which was prefixed to the ciphertext). It is mandatory.

    For all other modes, it must be 8 bytes long.

  • nonce (byte string) - (Only MODE_EAX). A mandatory value that must never be reused for any other encryption. There are no restrictions on its length, but it is recommended to use at least 16 bytes.
  • counter (callable) - (Only MODE_CTR). A stateful function that returns the next counter block, which is a byte string of block_size bytes. For better performance, use Crypto.Util.Counter.
  • mac_len (integer) - (Only MODE_EAX). Length of the MAC, in bytes. It must be no larger than 8 (which is the default).
  • segment_size (integer) - (Only MODE_CFB).The number of bits the plaintext and ciphertext are segmented in. It must be a multiple of 8. If 0 or not specified, it will be assumed to be 8.
Returns:
an DESCipher object

Variables Details

MODE_ECB

Electronic Code Book (ECB). See blockalgo.MODE_ECB.
Value:
1

MODE_CBC

Cipher-Block Chaining (CBC). See blockalgo.MODE_CBC.
Value:
2

MODE_CFB

Cipher FeedBack (CFB). See blockalgo.MODE_CFB.
Value:
3

MODE_OFB

Output FeedBack (OFB). See blockalgo.MODE_OFB.
Value:
5

MODE_CTR

CounTer Mode (CTR). See blockalgo.MODE_CTR.
Value:
6

MODE_OPENPGP

OpenPGP Mode. See blockalgo.MODE_OPENPGP.
Value:
7

MODE_EAX

EAX Mode. See blockalgo.MODE_EAX.
Value:
9