After seeing this video from Computerphile, I've got interested in implementing the Feistel cipher in LibCapy and play with it a bit. In this article I'll show you how to create a CLI application to encrypt data using LibCapy's CapyFeistelCipher object.
The Feistel cipher network is a framework to implement data encryption. It doesn't define completely the encryption algorithm by itself, but works in collaboration with an encryption function called a round function. It is a widely used network, for example in the DES or twofish algorithms.
In addition to the round function, it is wrapped in an operation mode, which improves its security. LibCapy implements the Feistel cipher in ECB, CBC and CTR modes, and a dummy round function for test purpose. A new private round function can easily be implemented thanks to class inheritance. Now, lets see how to implement your encryption app ! (the complete code is available at the end of the article)
Beware: the example below is just for didactic purpose. It uses the ECB operation mode and a very simple round function, hence doesn't provide much security. If you wish to modify it to make a really secured app out of it, by changing the round function and choosing the appropriate operation mode, refer to a data encryption expert, which I am not.
(The complete code is available at the end of the article)
First, lets define a structure to hold all the needed data.
Performing the encryption is as simple as creating the Feistel cipher instance (here in ECB operation mode for example):
If you want to use an operating mode needing a initialisation vector, you can set it with CapyArrChar* initVector = ...; $(cipher, setInitVector)(initVector); before ciphering/deciphering.
Here, I simply process the whole input/output as one single block. Another option is to split them into fixed size blocks and process them sequentially or in parallel.
The keys can be loaded from a text file, one per line, as follow:
The round function is defined and used as follow:
I'm using the modulo operator on the key index to leave the user free to use keys of any size. It is generally defined by the encryption algorithm.
To retrieve the paths to the keys and data from the command line, we'll use the command line parser provided by LibCapy. The argument definition looks as follow:
and the actual parsing is done with:
Of course we'll want to check the arguments passed by the user, and to process any problem cleanly, we'll use some purpose made exceptions:
The ExcToStr conversion function is set with:
and the arguments checking looks like this:
After the arguments have been checked, we can use them as follow:
I skip intentionally releasing memory and closing streams. This is done automatically at the end of the program, which is so small and simple that there is nothing to fear here. Everything put together, it becomes:
Compile with the following Makefile:
Example of use: