Beefy Boxes and Bandwidth Generously Provided by pair Networks
XP is just a number
 
PerlMonks  

DES ECB mode encryption

by v4169sgr (Sexton)
on Aug 28, 2014 at 07:46 UTC ( #1098840=perlquestion: print w/replies, xml ) Need Help??

v4169sgr has asked for the wisdom of the Perl Monks concerning the following question:

I use Perl 5.10 ActivePerl 5.14 on win7. I am a humble user, and don't really understand what I am doing.

I have a requirement to connect to a remote host and send locally encrypted messages, using DES ECB mode encryption. This is not my choice, but a part of the requirement. I am trying to find out how to implement DES ECB mode encryption simply in Perl

I do not have access to a C compiler, and cannot be the local administrator on my machine. I don't have download rights either, but can copy / paste source from CPAN into .pm files in my C:. I have copied the source for DES.pm and ECB.pm to C:\Perl 5.10\lib\Crypt\ from CPAN.

In my script I use

use Crypt::ECB qw(encrypt decrypt encrypt_hex decrypt_hex);

and try using it as a proof of concept - the text is from FIPS PUB 81:

print encrypt_hex("0123456789abcdef", "DES", "Now is the time for all ", "1") . "\n";

However, when trying to run this, I see the following error:

Couldn't load Crypt::DES: Attempt to reload Crypt/DES.pm aborted. Compilation failed in require at (eval 27) line 3. Are you sure 'DES' is correct? If so, install Crypt::DES in the proper + path or choose some other cipher.

I think this is because I don't have a binary for DES (not sure what this means).

I did notice that there is a DES module written in Perl called Crypt::DES_PP. Would using this solve the problem and help me satisfy the requirement? If so, how can I use this module? (Basic, please, I don't understand much!)

Thanks in advance for any assistance!!!

Replies are listed 'Best First'.
Re: DES ECB mode encryption
by AppleFritter (Vicar) on Aug 28, 2014 at 09:28 UTC

    I do not have access to a C compiler, and cannot be the local administrator on my machine. I don't have download rights either

    You're fairly screwed then, I'd say.

    First: Crypt::DES is an XS module, meaning that parts of it are written in C; it can't be installed without a C compiler. Of course, that's only a concern if it's not already included as part of your Perl distribution (Strawberry Perl includes it; I don't know about ActiveState).

    Second: I'd advise against simply copying files into places to install a Perl module. If you absolutely cannot download a module at all, copy all the files into a specific directory structure as if you just downloaded and unpacked the module, and then install it the usual way (perl Makefile.PL etc).

    However, I think the best option will be to bug your local system administrators to either handle this for you, or give you the rights to handle it yourself, the proper way. Ultimately, this is a social problem rather than a technical one: you've been given a task but not the tools (rights) needed to complete it. Instead of trying to work around that, make sure you're given access to the tools you need to do your job.

    Good luck!

Re: DES ECB mode encryption
by thanos1983 (Parson) on Aug 28, 2014 at 10:27 UTC

    Hello v4169sgr,

    As AppleFritter pointed out, you really need to have the tools in order to complete your task.

    Well because you said that you are a basic user I think you will find this analytic tutorial How to install CPAN modules into ActivePerl very useful. But again you need to have administrative rights.

    About installing modules using strawberry Perl you can do it like this from the DOS window:

    perl -MCPAN -e shell install Crypt::ECB

    Alternatively, you can also download the .tar.gz from CPAN, unzip it and install as you would in Unix:

    cd Crypt-ECB-1.45 perl Makefile.PL dmake dmake test dmake install

    I found that some people mentioned that they have problems with the nmake command so in that case use the dmake command. More information about the problem you can read here (using dmake instead of nmake on Windows).

    I hope this can help you, after you get administrative rights.

    Seeking for Perl wisdom...on the process of learning...not there...yet!

      Thanks everyone for their great replies!

      I agree this is largely a social problem that I am trying to work around, but it will unfortunately not be possible for me to change my local machine rights.

      I also agree that VPN && SSL are far superior methods of securing the message stream, but the requirement is to evaluate a product's support for in-message DES ECB mode encryption, only.

      I checked earlier & can confirm that in my copy of the Active State perl distribution, the DES binary is not included. They only distribute SSL by default

      I've tried repeatedly installing using the perl shell route, but we have a proxy here that, even with appropriate authentication, still denies downloads.

      I also hear what you say about installing properly vs just copying the pm files, but I've really no other choice, and frankly copying the pm files into my C: has worked very well for me until now - I've copied perhaps 20-50 pms this way very successfully.

      I'd like to see if I can use the Crypt::DES_PP module. My understanding is that this module is implemented entirely in Perl, and does not require linking to a binary blob, or a C code interface. How would I go about using this module in the current context?

Re: DES ECB mode encryption
by Anonymous Monk on Aug 28, 2014 at 11:26 UTC
    You do not have to be an administrator of your local machine, but you must have access to a C compiler. A suitable C compiler might be available for free, for your machine, but you must have one. And you must follow the established Perl-package installation process for your system, which does a great many more things than just move files around. Once you do get the package installed correctly, you are probably using the right package.

    Even so, it is probably far more efficient to just purchase a couple of VPN-enabled routers and to use these to create a secure crypto-tunnel between the two machines, through which any sort of data can be sent without further encryption.
Re: DES ECB mode encryption
by RonW (Parson) on Aug 28, 2014 at 17:14 UTC

    While I haven't used Crypt::DES_PP, ECB mode is trivial. You just encrypt/decrypt the data, 8 bytes at a time, using the same key for every encrypt/decrypt operation.

    Since DES (aka Lucifer) was designed to work on early 1970s microprocesses (or even just on an array of logic gates), a pure Perl implementation should not have bad performance, so go ahead and try it.

    If you are curious about the various modes of encryption, see http://en.wikipedia.org/wiki/Block_cipher_mode_of_operation.

Log In?
Username:
Password:

What's my password?
Create A New User
Domain Nodelet?
Node Status?
node history
Node Type: perlquestion [id://1098840]
Approved by AppleFritter
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others examining the Monastery: (3)
As of 2022-05-22 14:42 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    Do you prefer to work remotely?



    Results (80 votes). Check out past polls.

    Notices?