


DES(1)                    USER COMMANDS                    DES(1)



NAME
     des - DES file encryption

SYNOPSIS
     des -e|-d [-h] [-k key] [-b]

DESCRIPTION
     des is a filter that encrypts or decrypts standard input  to
     standard  output  with  the  Data Encryption Standard (DES).
     Either -e (encrypt) or -d (decrypt) must  be  specified.  If
     the  key is not given on the command line with the -k option
     the command will prompt for it twice, suppressing  echo  and
     comparing the two responses to guard against mistyping.  The
     -h flag controls how the key string is  to  be  interpreted.
     Without  the -h flag, the key is an ASCII string.  Since DES
     ignores the low order bit of each key byte, the  high  order
     bit  is  set  for odd parity, thus retaining the information
     contained in the low order bit.  If the -h flag is set,  the
     key  string  is  interpreted as 16 hex/ASCII characters; the
     low order bit of each byte is again ignored as per  the  DES
     algorithm.  This allows the use of any arbitrary 56-bit key,
     including bytes representing control characters  that  could
     not be typed if the -h option were not used.

     By default, DES Cipher Block Chaining (CBC)  mode  is  used,
     with  an  initial vector (IV) of all zeros; if the -b option
     is specified,  Electronic  Code  Book  (ECB)  mode  is  used
     instead.

     Except for the -h option, this command  is  compatible  with
     the des command on the Sun Microsystems workstation.

SEE ALSO
     Sun Microsystems DES(1)  manual  page,  which  describes  in
     detail  how  the  length  of the file is encoded in the last
     block of ciphertext.

AUTHOR
     Phil Karn, KA9Q
















Sun Release 3.4    Last change: 24 March 1987                   1



