1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
/*
* Copyright (c) 1990 Dennis Ferguson. All rights reserved.
*
* Commercial use is permitted only if products which are derived from
* or include this software are made available for purchase and/or use
* in Canada. Otherwise, redistribution and use in source and binary
* forms are permitted.
*/
Sorry about the poor quality of installation instructions. Included
here are replacements for the DES portions of Eric Young's kerberos
DES library replacement. To use this you will need his distribution.
Untar the latter and:
(1) Copy all .c and .h files into the distribution directory. This will
overwrite some files and add others.
(2) Apply the patch included here to set_key.c in the distribution directory.
(3) Edit the Imakefile (or the Makefile) to include the following files
on the SRCS= line:
des_tables.c ecb_buffer.c make_sched.c
Add the following files to the OBJS= line:
des_tables.o ecb_buffer.o make_sched.o
Add the following file to the CODE= line:
des_tables.h
Recompile and you're done.
The salient differences between this DES and Eric Young's are as follows:
(1) There are no dependencies on byte ordering, the ability to do
unaligned loads and stores, or any other machine dependencies
that I know of. There are no #ifdef's. The code could probably
be made faster by adding such things, but not enough to be worth
it.
(2) Combined S and P tables are used for the inner loop of the cipher
routine and the E expansion is computed on the fly, like Eric
Young's code, but the computation is reordered from the standard
to save instructions.
(3) The initial and final permutations are table driven, and take
about the same amount of work as a single round of the inner
loop (i.e. only about 12% of the work done for an ecb encryption
is spent in the IP and FP code).
(4) Since NTP (for which this DES was originally implemented) uses
lots of keys to encrypt small things, the key permutation code
has been well worked over and is quite speedy (the amount of
work required to permute a key is on the order of that required
to do a single ECB encryption, more or less).
(5) Since the code required to do an ECB encryption using the tables
is actually fairly compact, even with lots of inlining, it was
implemented as a macro and is expanded in situ where needed.
On the one machine I ran a comparison on this code ran 80% faster than
Eric's, compiled into a slightly smaller space, and did pass destest.
I suspect this stuff is also faster, and not a lot larger, than the
library MIT doesn't export with kerberos. You mileage may vary.
The silly copyright was a (probably ineffective) afterthought. If it
really inconveniences you give me a call.
|