Contract-based Component System Design
Contract-based Component System Design
Holger Giese
Institut f¨u r Informatik,Westf¨a lische Wilhelms-Universit¨a t, Einsteinstra?e62,48149M¨u nster,GERMANY
gieseh@math.uni-muenster.de
Abstract
Component technology tries to solve many problems of todays software industry practice:the productivity and pro-duced quality should be increased and a better infrastruc-ture for maintenance of the products is promised.The in-tegration of off-the-shelf components to build customized products allows to source out the development of general purpose components.A crucial prerequisite for the in-tended scenario of component usage is their strong separa-tion.Especially in a distributed environment,synchroniza-tion aspects are of great importance to identify a suitable architecture and to decide whether a component matches some requirements.The presented approach allows to model the synchronization aspect of contracts in a?exible manner including a whole spectrum of different degrees of preciseness from declaration of abstraction barriers to com-plete synchronization speci?cations describing the explicit behavior.The used Petri net based OCoN behavior speci?-cation formalism is structurally embedded in the UML and supports analysis and design of component systems.
1.Introduction
The complexity of todays software projects is continu-ously growing and so does the need for sophisticated system analysis and design.Object-oriented analysis and design [5,32,22,12]offers methods for analysis,design and im-plementation of systems in a seamless fashion.In contrast to structured analysis[13],the transition from design to implementation is more continuous.Traditionally,object-oriented techniques are used to specify?ne grain structures using classes and their relations.Normally,one of the pop-ular object-oriented programming languages,like C++,is chosen as target language.Often,the overall architecture or the coarse grain structure has been neglected or ignored at all.On the other hand,a dedicated design of a suitable soft-ware architecture[34]is often needed to improve software quality and to provide better maintainable products.But the hope that object technology can be used to establish system-atic reuse has failed.The shift from objects to components re?ects these additional requirements.A?xed architectural basis and system level mechanisms instead of programming language mechanisms are the crucial point to handle the de-scribed additional requirements and to achieve a more?ex-ible notion for the composition of https://www.360docs.net/doc/0010263832.html,ponent technology[37]goes one step further in comparison with object-orientation as a language feature by decomposing an application or system into runtime elements,that can be build,analyzed,tested and maintained independently.The integration of available off-the-shelf components into appli-cations and their combination can help to further improve productivity and decrease the time to market in the software industry.
A development method for component based applica-tions and systems must be aware of additional problems. The design is further separated into component design, where a single independent shippable product for general use is the intention,and component system design,which considers combination and con?guration of given compo-nents or the decomposition of a task into given and appli-cation speci?c https://www.360docs.net/doc/0010263832.html,ponent design is restricted to isolated components having a?xed contract with the en-vironment,while the component system design has to con-sider the coarse grain design and separation.The isolation between design and implementation of a component has to be supported by the architecture and a suitable separation. Otherwise the postulated component exchangeability and independence between component provider and component integrating products is not realistic.Both kinds of design problems have to face the resulting problems of late inte-gration.The knowledge of common models for software testing using module and integration testing is not suf?cient any more.The component notion of quality has to satisfy higher expectations,because the late integration phase is not available for testing any more.Thus,software components have to be more robust than usual applications.This addi-tional demand for software quality may delay the develop-ment of a component market.The support for maintenance,
c2000IEEE.Published in the Proceedings of the Hawai’i International Conference On System Sciences,January4-7,2000,Maui,Hawaii.Personal use of this material is permitted.However,permission to reprint/republish this material for advertising or promotional purposes or for creating new collective works for resale or redistribution to servers or lists,or to reuse any copyrighted component of this work in other works must be obtained from the IEEE.
management and con?guration has to be integrated into the component infrastructure.
Up to now,software products often provide isolated solu-tions for business or industry applications.Today software begins to interlink the different isolated information system structures.Interoperability,?exible data exchange and shar-ing as well as support for group work become essential re-quirements.Thus,distribution and concurrency are aspects, further generations of software have to manage.
The presented approach provides techniques and nota-tions to tackle the additional requirements of component design.Structure and connections of component systems are speci?ed using the structure description notations of the UML[31],the de-facto standard for object-oriented mod-eling.The common notion of interfaces is extended by a protocol to support contract-based design for components. Synchronization restrictions can further be speci?ed in a ?exible manner to describe dependencies between different contracts of the same component.Thus,the concrete in-teraction can be speci?ed and architectural aspects become more obvious.
In the following section,several relevant characteristics of components and the available technology are discussed. Then,component synchronization and its impact is con-sidered in section3.The proposed approach is sketched in section4and its structural embedding into the UML is presented.An example in section5presents several differ-ent design decisions and their modeling with the approach. The article closes with some remarks on related work.
https://www.360docs.net/doc/0010263832.html,ponent Notion
A general notion of a component should also include tra-ditional component types like libraries or modules.Even when they do not support all characteristics of todays off-the-shelf component concepts,it is important to keep the basic concepts and their implications in mind.Besides the pure off-the-shelf component notion,there may exist sev-eral levels of component usage,which are of interest,too. Imported and exported types of a component are a rele-vant aspect as well as its connections with the environment. Szyperski[37,38]de?nes a component as follows:”A Soft-ware component is an unit of composition with contractu-ally speci?ed interfaces and explicit context dependencies only.A software component can be deployed independently and is subject to composition by third parties.”For each in-terface a component has either contractually obligations or demands and thus at least some kind of informal contract for each of them exists.
The general description of a component consists of the component or subsystem itself and its imported or exported contracts.To make the contract notion more concrete,the approach clearly distinguishes between exported contracts,
called provided and imported contracts,called used,w.r.t.a component.For provided contracts,the component has the obligation to serve it and for used ones the component may demand several contractual properties.
To?gure out which aspects are of importance for a suit-able contract notion,several characteristics of todays com-ponent concepts like linkage time and linkage typing are discussed next.Afterwards,the additional constraints for component design and the need to consider the synchroniza-tion between components is demonstrated.
A central characterization for component contracts or
connections is the point in time when the connections are established(linkage).The traditional cases are static link-age of subcomponents at construction time of a program, dynamic linkage during the program startup or runtime link-age where running components are interconnected.
The typing of linked connections is also of considerable interest.For interprocess communication,untyped interac-tion based on streams,shared memory,etc.or even ab-stract synchronization with mutex or semaphores are used, while linking programs,modules and libraries often sup-ports procedure typing on the compiler level.The case of runtime linkage is of special interest for todays component technology.Several levels of typing have been introduced.
On the socket level,several services based on TCP connec-tions have been standardized(ftp,nfs,http,etc.).To further support remote or local procedure call client/server inter-action,common packet formats and integrated marshaling stubs(e.g.DCE[9])have been used.These approaches still provide only a host-server abstraction,while object-oriented extensions introduce the object or interface notion to make service access points?rst class elements.CORBA
[27]started from scratch1989as an initiative to build an in-
teroperable object bus standard with suitable infrastructure.
Its main antagonist is Microsoft’s DCOM[10]which is a step by step extension of COM(component object model, formerly named common object model).These approaches allow to send and distribute interface references as usual parameter values.Java RMI[36]further extends this devel-opment by also supporting the object per value discipline within its remote method invocation mechanism.CORBA, DCOM and Java RMI are enabling technologies which pro-vide typed component linkage at runtime.To discuss this development,the relevant aspects for runtime linkage are of interest.
When untyped basis mechanisms like TCP sockets are the linkage mechanism,a suitable connection has to be de-scribed by de?ning all valid packet formats and an agree-ment on the protocol built upon the packet formats.When abstracting from the basic TCP protocol steps to estab-lish a connection,often simple stateless protocols like the common basic HTTP[3]protocol,which uses the re-quest/response scheme,are used.These protocols provide 2
a high degree of independence,which is often useful in a distributed environment.
The further improved typing using client/server ap-proaches manages the error prone encoding of packets and provides the higher level concept of a remote procedure call.In general this basic scheme of interaction does not make an explicit interaction protocol obsolete.Client/server systems often provide a stateless protocol,e.g.,NFS[35]is based on a standardized remote procedure call mechanism and is a stateless and idempotent protocol to handle con-nection aborts and re-transmissions.It is remarkable,that common network based services like NFS avoid any com-plex interaction with third components and thus build?nal leaves in the component tree or directed acyclic graph.
The CORBA or DCOM object bus approaches provide the illusion of a virtual object space,where interfaces instead of hosts abstract from physical locations.These references can be further distributed to make them available to other clients.But,their typing notion is still restricted to the syn-tactical interface https://www.360docs.net/doc/0010263832.html,plex protocols and their im-pact on a correct cooperation are not considered.The object bus interface concept does essentially combine data and be-havior by applying the object metaphor.Thus,the resulting protocols might not always remain stateless as common for the design of services like NFS or HTTP.
Traditionally,the basic mechanisms used for component reuse and static linkage are the libraries which provide a procedural abstraction with strict acyclic depending layers. The explicit sharing of resources is avoided where possible. The common components for dynamic linkage are either named shared library or dynamic link library(dll).They support a perfect separation for the using clients and pro-vide the perfect illusion of exclusive usage,too.Also,a lay-ered structure from the operating system API up to domain speci?c or more comfortable libraries is common.Both sce-narios provide contracts in an exclusive fashion and abstract from code or data sharing.The off-the-shelf component con-cept in contrast is intended to support arbitrary structures, has to be able to allow more sophisticated interaction con-cepts like callbacks.Also the restriction to stateless proto-cols is often not possible.
Besides the basic object bus infrastructure and a com-munication mechanism,component based development re-quires further aspects.DCOM supports components with its ActiveX or DNA architecture as well as Java Enterprise Jav-aBeans(EJB)[23].A speci?cation of a component model for CORBA is under development(see[1]).These com-ponent models improve the basic object bus technology by specifying interfaces for several basic component manage-ment aspects and support for component life cycles.But be-sides these technical solutions to obtain interoperable run-time components,the necessary contract speci?cation is ne-glected.In contrast to the former de?nition for components
which emphasizes the contract principle[24]as essential aspect of any component technology,the speci?cation of contracts in practice is not supported by any object bus tech-nology.Instead,the handling of interface contracts is as-sumed to take place in additional speci?cation documents and additional features like unique interface version num-bers are used to achieve consistency.
https://www.360docs.net/doc/0010263832.html,ponent Synchronization
Szyperski[37]identi?es another serious problem oc-curring when callbacks are used.He demands to spec-ify re-entrance conditions to cover these problems,but re-entrance is only a special case of the more general question how components may synchronize.When state based pro-tocols are considered and concurrency is present,a general treatment of synchronization aspects is
needed.
Figure1.Example structure for a callback
The structural situation of a callback is visualized in?g-ure1.The provided and used contracts build a cyclic depen-dency and thus the classical procedural abstraction fails and instead synchronization aspects have to be considered,too.
In classical layered hierarchical systems,callbacks against the hierarchy called up-call[11]cause several problems and enforce the library designer to provide a consistent library state even during such calls.
Using thread-safe objects does not ensure systems which are also re-entrance safe.Phenomena like self-recursion and re-entrance patterns additionally lead to deadlocks(so called self-infected deadlocks[8]).But even in simple cases,the system malfunction may be caused by synchro-nization effects.Consider,for example,the case of a com-ponent with a single thread of control.When it calls an-other component via a remote procedure,it is blocked until the request is processed and thus any callback is blocked.
If the called component waits for the callback to ful?ll the request,at least the?rst component is totally blocked for-ever due to a resource con?ict concerning its single thread.
For components in a distributed environment the situation becomes even more complex and the system operation may critically depend on the request scheduling strategy of the implementation.
Object-oriented type structures often contain cycles(re-cursive data types),but traditional object-oriented systems were not concurrent,and,hence,this aspect has often been ignored.In the case of multiple threads or concurrency in 3
general,the synchronization becomes even more important. Consider as an example the classical recursive de?ned di-rectory class.A?rst version may not support?le links and thus cycles are excluded.But when links are also consid-ered,a possibly cyclic structure is https://www.360docs.net/doc/0010263832.html,mon re-alizations like?le systems re?ect this by extending related tools to prevent in?nite processing(e.g.,Unix?nd com-mand).Directory like structures in distributed systems are found in an Internet name server.There,an asynchronous update scheme is used and thus no update request can lead to in?nite processing,because only the local cache content is propagated.The CORBA name service[28]also provides the directory access in such a way that any direct usage of related directories is excluded.Instead,the client has to tra-verse the structure on its own.By avoiding any global oper-ation,the synchronization and termination problems can be excluded,but the complexity is left to the clients.
Object protocols with states or some kind of life cycle are common in object-oriented systems.The possible pro-cessing orders are speci?ed,for example,by using Harel statecharts[19]in OMT[32]and path expressions in FU-SION[12].The life cycle or protocol describes the possible non uniform service availability provided by the object.
But this problem is also of crucial impact for the system design concerning change impact.The exponential growing model sizes coincide with an exponential growing number of implicit implementation dependencies.The transitive na-ture of synchronization for two connected component sys-tems causes this problem.Thus,to change a component implementation may in?uence every other implicitly con-nected one.This effect can be prevented by restricting the general interaction and structure as done in the case of li-braries.The approach proposed here avoids the demon-strated problems by using the abstraction barrier,visual-ized in?gure3,when suitable and the explicit speci?cation of synchronization if needed.The synchronization can even be described with different levels of preciseness.This also improves the resulting situation for the design of the sys-tem.Callbacks or even cyclic structures introduce complex interaction dependencies and the concrete external behav-ior has to be speci?ed very early in the design.Otherwise both involved components can not be further considered in isolation.Thus,the proposed approach does combine the improvement for the analysis and design as well as formal modeling by supporting abstraction barriers as design prin-ciple and as mechanisms to make a formal analysis feasible.
4.Contract-based Design
The presented approach emphasizes contract-based de-sign to improve separation using synchronization contracts, extends the contract notion to cover bilateral interaction in a manner which still leads to unilateral dependencies as well as the explicit design concerning the component contract structures and cycles.
The formalism of the OCoN approach[41,16,17,18] for seamless object-oriented behavior modeling is used also to cover the behavioral aspects of components.OCoN s (O bject Co ordination N ets)formally de?ned in[15],a spe-cial form of Petri nets[6],are used to describe the possible protocol interactions in a visual manner.These nets specify the intended interaction and allow to describe procedure-call and message-passing oriented interaction within one formalism.In object-oriented design practice,behavioral aspects are often only considered when already implement-ing the system.Thus,synchronization aspects have not been well or completely documented during design phase and the needed information concerning the synchronization with the environment are usually not available during the design.In contrast,the OCoN approach supports the model-ing of synchronization and coordination aspects during the design.The resulting component speci?cation can be ex-tracted from the component design and not from the imple-mentation.On the other hand,if contracts are speci?ed dur-ing the decomposition of the system,new general purpose or application speci?c component speci?cations including
their synchronization behavior are obtained.
By emphasizing the contract idea,the using and provid-ing components have to agree on each contract.The fol-lowing parts of a contract description can be distinguished:
a protocol describing the provided coordination sequences
and a functional speci?cation given by pre and post con-dition formulas.While the protocol is already considered during the design phase,the pre and post conditions can only be used for veri?cation and runtime checks.Thus,the approach concentrates on the protocol aspect,which can be supported by tools for restricted models.
The contract notion is of central relevance for the de-sign process.Nierstrasz[26]proposes to add a?nite state machine to an object interface to build regular types.This approach is extended by also integrating the occurrence of return alternatives and spontaneous contract behavior into the protocol speci?cation.Thus,instead of error prone di-rect callback designs,an encoding into the protocol states and spontaneous behavior can be used in most cases.Thus,
a client obtains an unilateral contract which does not con-
tain any obligations for the client side.The only exception is that the replies for pending operation calls must be at least buffered by the client to exclude the blocking of the called
component.
Figure4.An Observable contract
For an example consider the Observable contract pre-sented in?gure4,which provides a solution for the ob-server pattern that is still unilateral concerning the synchro-nization and typing dependencies.An additional arbitrary state change for the observable contract is modeled using
a quiescent step[15].Its occurrence is neither determined
nor guaranteed.The client may observe the state change and do an update as needed.The still unilateral contract thus can be used to avoid cyclic dependencies as introduced by the general scheme of a callback presented in?gure1.
Thus,the approach integrates bilateral interaction into an unilateral contract and can further provide maximal degree of?exibility for the using side(client).
The component behavior can be speci?ed in an oper-ational fashion also using the OCoN approach(see[17]).
Thus,the contract protocol can be used to simulate parts of a system in an abstract fashion by representing the envi-ronment by its contract protocols.But such explicit design 5
including several component internal aspects is not suitable
in general.A more abstract and implicit solution is needed.
Traditionally,architectural aspects are often neglected in object-oriented system design.By considering connec-
tions like connectors to be a kind of?rst class elements of an architecture(see[2]),it is achieved that the architec-tural aspect is speci?ed adequately.In order to apply the concept of connectors and the contract principle,an UML contract stereotype containing an interface describing a set of interaction steps and a protocol description specify-
ing the supported interaction orders is introduced.A sin-gle contract is unilateral and describes what behavior one interface of a component assures and how another compo-nent can interact with it.For a more detailed description see [18,15].
?contract?
Figure5.Structural extensions to the UML
The contract is used to describe the combination of an in-terface and a protocol net.In contrast to the UML interface notion,the contracts are instances and the relations among them are explicitly modeled as presented in?gure8.
There are two distinct kinds of contracts,exclusive and shared ones.This technical distinction for contracts is in conformance with the ISO Open Distributed Processing model[21],where implicit and explicit bound objects are distinguished.The exclusive contracts are interpreted as ex-plicit bound objects while shared contracts?t to implicit bound objects(cf.[25]).
For an exclusive contract,the interface circle symbol is used as a shortcut(see?gure5)and for all usage connec-tions an implicit xor and client side cardinality is assumed and thus omitted,too.For the connection to the providing component only the number of served instances is of in-terest.Each contract is served by exactly one component and thus the component side cardinality is omitted.For shared contracts also sharing by multiple clients is allowed and thus the usual cardinality annotations can be used for connections to the clients.A circle with double border is used as shortcut.The annotations for connections to the providing component are the same as for the exclusive case.
To provide the demanded component speci?cation,the syn-chronization of provided and used contracts has to be spec-i?ed.Two situations for contracts are further distinguished.
Either they are simple and their guaranteed operations are not restricted or an additional synchronization stereo-type is used to further restrict the protocol by introducing synchronizations with other provided or used contracts of the same component(see?gure5).These synchronization declarations are added to each component type and are addi-tionally visualized using a dashed box around every covered contract.Each contract can at most take place in one such synchronization and thus the dashed rectangles of one com-ponent can not share any contract
declaration.The Through synchronization presented in?gure5describes how the put and get operations of the provided contract InOut p are mapped to the used contracts u of the same type.The ac-tions with a shadow describe the processing of incoming re-quests for the p contract while the usual actions specify the requested operations for contract u.The synchronization is described using untyped places(circles)and additional pre and post condition arcs.Each requested put or get
is for-warded from p to u and the return is processed vice versa.
Figure6.Embedding and depend relation
Besides these explicit synchronization descriptions,also an implicit description using a synchronization dependency relation depend()is supported by the approach.The synchronization is not explicit described and instead any arbitrary but valid usage of used depending contracts and no synchronization with used independent(not connected) contracts is assumed.If neither an explicit speci?cation nor such an explicit relation is given,simply the worst case of
a full dependency relation is assumed.This way the tra-
ditional abstraction barrier between exported provide con-tracts and imported use contracts can be used.A behavior cover is build by all possible implementations for each pro-vided contract that synchronizes at most with all used con-tracts,the provided contract depends on().Each correct implementation has to respect this behavioral cover.Each orthogonal line to all depend arcs builds a suitable abstrac-tion barrier.But the provided abstraction is not valid in gen-6
eral.The transitive extension of all local depend annotations has to be acyclic to make the assumed abstraction a correct one.
As demonstrated in?gure6,the depend relation restricts the valid embedding of a component.But this way,an explicit and complete synchronization speci?cation can be avoided.The provided contract Con?g is used to con?gure the component and thus should be implemented in a fashion that does not rely on the used Use contract.In contrast,the Provide contract will rely on the correct responses of the Use contract.This dependency is speci?ed by de?ning a component speci?c depend relation””using dashed arcs. Thus,the possible component behavior is already restricted concerning the possible synchronization dependencies,but still a whole bunch of possible internal component behav-iors are suitable solutions.
Figure7.Spectrum of possible speci?cations
The provided mechanisms for contract speci?cation al-
low to specify the contract behavior and their synchroniza-
tion with several levels of granularity as presented in?g-
ure7.Starting during the component system design,the
relation may be left unspeci?ed and thus a complete de-
pend relation connection of each provided interface with all
used ones is assumed.When further knowledge about the
separation and wanted parallel availability for interfaces is
given,a re?ned view by specifying an explicit depend re-
lation is possible.If the planned embedding enforces the
explicit modeling of synchronization aspects concerning a
subset of the component contracts,this can be done using a
synchronization stereotype.Now,slices of the com-
ponent behavior can be speci?ed in an independent fashion.
A complete behavior description is also possible using a
single synchronization element that covers all provided and
used contracts.Thus,also a behavior description enclos-
ing the whole behavior as described in?gure3(right-hand-
side),is possible.The provided spectrum allows to specify
the behavior in the adequate level of granularity during the
decomposition of the design.For already?xed components,
e.g.off-the-shelf,provided by others,a speci?cation of suit-
able preciseness may be chosen and can be used to embed
them into a design.
To provide a sound framework to handle component
protocols and their synchronization,the correct behavioral
preorder describing a correct abstraction or re?nement is
needed.The given synchronization protocols can be com-
pared as labeled nets by considering the label occurrences.
The underlying formalism to determine a valid re?nement
or abstraction step concerning the component synchroniza-
tion is then reduction[7],which is the coarsest relation
w.r.t.preserving deadlock-freeness(see[40]).The symbol
is used where A B states that A is a valid re?nement
of B.The abstraction from?nite internal interaction can be
used to replace a synchronization combination by a single
more abstract version where the double covered contracts
are omitted(see for example?gure10).
5.Example
To give an example,the common pipeline processing of
a compiler is considered.The structure may consist of a
pre-processor phase for macro expansion as well as a com-
piler with lexical analysis,syntactical analysis,semantical
analysis,code generation and assembly stage.This soft-
ware architecture style provides a high degree of?exibility
and distinct stages may be exchanged on demand,e.g.,the
assembly stage to adjust the compiler to a certain hardware.
By specifying the data format for each stage transition,each
stage does only communicate with its predecessor and suc-
cessor and thus the coupling is minimized.In order to re-
duce the example complexity the same general interface for
each stage is assumed.Two solutions for a general pipeline
structure are presented.
Figure8.Pipeline with coordinator
The?rst way to build a pipeline structure is to use?lter
or transformer functionality in form of remote procedure
call s.The resulting components are very?exible concern-
ing further embedding and can be used for arbitrary requests
or in a coordinated fashion like the pipeline structure.A
7
pipeline can be build using a speci?c coordinator compo-nent,as demonstrated in ?gure 8for the trivial case of two stages.It is remarkable that the structure does not re?ect the pipeline and instead the usage relationship from the coordi-nator component to each stage is made explicit.
This ?exibility is a suitable reason to choose this so-lution,while ef?ciency reasons make this solution sub-optimal.The applied remote procedure call interaction and the central coordination using an additional coordination component results in doubling the communication and a possible bottleneck for long pipelines.The bottleneck can be avoided by using a tree like coordinator structure which further increases the communication overhead.Each node in the tree provides the same synchronization type as a leaf and abstracts from the inner pipeline structure.
A more ef?cient design can be build by avoiding the overhead of moving the data to the pipeline coordination component and vice versa.Instead,the stage components are directly connected and each component has to provide an input and output stream (see ?gure 10).
Figure 9.Transform component
The general scheme of independent provided contracts and a simple depend relation is not suf?cient any more.Instead,the complex contract notion specifying the
com-bined behavior of sets of provided and used contracts is needed.For the provided contract in and the used con-tract out a speci?c combined behavior is described in ?g-ure 9.This complex contract behavior is realized using a synchronization Stage ,which synchronizes the in and out contracts of
a single component.
An incoming start re-quest for in asynchronously triggers a start request for out and an internal place is initialized with a token.Afterwards each put is forwarded and returns immediately when no old put request for out is pending.Closing the contract is de-layed until the out contract con?rms the close request.Note,that the actions are a shorthand notation for two steps,a call
and a corresponding return step.For example,the out.close post condition is a pre condition of the in.close return step.The resulting processing speci?cation describes the explicit buffering behavior and thus even cyclic pipelines like ring structures may be build.
Stage
CombineStages
Figure 10.Pipeline of Transform components
For this non hierarchical structure it can also be ab-stracted from two or more stages by combining their com-plex contracts and abstracting from their inner communi-cation.See ?gure 10for the resulting behavioral cover
of two synchronously connected Stage synchronization re-strictions.The resulting common behavior of two stages has to describe the internal buffering in a concrete fash-ion.When an arbitrary but non-determined internal buffer-ing like described by the second abstraction,is used,the re-sulting behavioral cover can be combined and used only in a restricted way.Consider a cyclic pipeline case and combine of these abstract stage components.For a secure process-ing at most data packages can be inserted.Otherwise the cycling might be blocked and thus or more packages may not work.For such ring like structures abstracting from the buffering effect is not always useful.When abstracting from the buffer depth the information is lost and not avail-able.The ring structure will only work if at least one buffer element is still empty.If all buffer capacities are exhausted,each stage will be blocked by the next one and no progress is possible any more.Thus,abstracting from the buffering depth may be not appropriate.
The described two behaviors CombinedStage2and the more abstract version CombinedStages are valid abstrac-tions for the behavior preorder ().Their nets describe the explicit buffering where denotes token and the re-source of type int is initially ?lled with an arbitrary value
8
.This process of abstraction can also be reverted and the more concrete version can be considered as a re?nement of the coarser description.Hence,a pipeline build by several CombinedStages can be re?ned to a CombinedStage2or Stage.
6.Related Work
The presented approach extends the concept of regular types of Nierstrasz[26].In contrast to this reduction-based approach,do trace-based notions[30,25]not consider syn-chronization effects and exclude only message not under-stood errors.To reduce cycles in the usage graph,the uni-lateral contract notion is extended to include bilateral in-teraction.This way most of the error prone callback han-dling can be handled in a more suitable fashion.The pre-sented protocol formalism additionally covers distinct syn-chronization with the request replies,while Nierstrasz work is restricted to request acceptance.This way oracle like re-quests and the in?uence of distinguished replies on the re-sulting protocol state can be incorporated,too.The concept of explicit contract synchronizations and an implicit con-tract depend relation further extend the framework towards a?exible speci?cation tool for component synchronization.
The integration into the analysis and design level instead of the programming language or a formal calculus context is another distinction.The approach allows to consider syn-chronization and protocol aspects,which are of great impor-tance for the architecture design,already during the analy-sis and design.It supports the speci?cation for incomplete system,re?nement and explorative design evaluations by simulation.
Holland et al.[20]suggest a contract notion that ab-stracts from performance and resource consumption as-pects and includes safety and progress conditions,which are needed to predict the component behavior from a clients perspective.So called type obligations demand abstract attributes and interface aspects for each participant while causal obligations describe the ordered sequences for ac-tions and their effect on the attributes.The CA TALYSIS [14]approach emphasizes a pre and post condition concept but also contains a comparable concept as extension and suggests statecharts or sequence expressions to specify the order of internal called actions called raised actions.The general concept to describe object behavior for a group of objects is promising,but the resulting system is more suit-able for frameworks.The superposition of such interaction concepts is not always con?ict free and the pre and post conditions or invariants make an automatic tool support im-possible.In the area of object-oriented design for real-time systems,the ROOM[33]method also uses protocols de-?ned for a group of objects and signal based protocol roles called ports as connectors.In contrast to the presented ap-
proach,the protocol is used to describe the bilateral signal exchange and no notion for behavioral abstraction is consid-ered.The structural description techniques of the UML are used for the structural part of architecture descriptions.For behavior speci?cation,the OCoN approach is used,because it provides a seamless integration of used or provided con-tracts(see[17]).The behavior description techniques of the UML are not capable of these aspects.For a comparison between the OCoN approach and the behavior formalisms of the UML see[18].Remarks concerning the great variety of other proposed object-oriented Petri net notations can be found in[17].
7.Conclusion
The presented approach provides mechanisms to achieve
a higher degree of independence,to exclude implicit im-
plementation dependencies and make requirements and the provided behavior of components more concrete.The OCoN formalism together with the presented extensions provides a suitable framework for the described compo-nent design techniques.An external behavioral speci?ca-tion technique using synchronization slices and a declara-tive depend relation for implicit synchronization speci?ca-tion is presented.From the perspective of formal model speci?cation,a seamless transition from totally separated contracts and a dependency relation over slices of partial be-havior speci?cations to a complete external behavior spec-i?cation is supported.The unilateral contracts with possi-bly shared protocols re?ning the connector concept allow to analyze the quality of an architecture concerning decompo-sition on well established object-oriented knowledge.The formal description of interaction properties by object coor-dination nets allows the analysis of behavioral properties and possible interaction scenarios can be simulated and vi-sualized.
References
[1]Corba Components.(?nal submission),OMG TC Document
orbos/99-02-05,Mar.1999.
[2]R.Allen and D.Garlan.A Formal Basis for Architectural
Connections.ACM Transactions on Software Engineering
and Methodology,July1997.
[3]T.Berners-Lee,R.Fielding,U.Irvine,and H.Frystyk.Hy-
pertext Transfer Protocol–HTTP/1.0.IESG,May1996.
RFC1945.
[4] A.Beugnard,J.-M.Jezequel,and D.Watkins.Making Com-
ponents Contract Aware.IEEE Computer,32(7):38–45,July
1999.
[5]G.Booch.Object-Oriented Analysis and Design with Appli-
cations.Addison-Wesley,Menlo Park CA,1993.(Second
Edition).
9
[6]W.Brauer,W.Reisig,and G.Rozenberg[eds].Petri
Nets:Central Models(part I)/Applications(part II),LNCS 254/255.Springer Verlag,Berlin,1987.
[7] E.Brinksma,G.Scollo,and C.Steenbergen.Lotos Spec-
i?cations,Their Implementations and Their Tests.In
G.Bochmann and B.Sarikaya,editors,Protocol Speci?ca-
tion,Testing and Veri?cation,pages349–360.North Hol-land,1987.
[8]L.Cardelli.Obliq:A Language with Distributed Scope.
Techreport,DEC System Research Center,Palo Alto,1994.
DEC SRC Research Report122.
[9] D.Chappell.The OSF Distrbuted Computing Environ-
ment(DCE).In R.Khanna,editor,Distributed Computing: Implementations and Managment Strategies.Prentice Hall, 1994.
[10] D.Chappell.Understanding ActiveX and OLE-A Guide for
Developers and Managers.Microsoft Press,1996.
[11] D.D.Clark.Structuring a system using up-calls,Pro-
ceedings10th ACM Symposium on Operating System Prin-ciples.ACM Operating System Reviews,19(5):171–180, 1985.
[12] D.Coleman,P.Arnold,S.Bodoff,C.Dollin,H.Gilchrist,
F.Hayes,and P.Jeremaes.Object-Oriented Development:
The Fusion Method.Prentice-Hall,1994.
[13]T.DeMarco.Structured Analysis and System Speci?cation.
Engelwood Cliffs:Yourdon Press,1978.
[14] D.F.D’Souza and A.C.Wills.Objects,Components,and
Frameworks with UML:The Catalysis Approach.Prentice-Hall,1999.
[15]H.Giese.Object Coordination Nets2.0–Semantics Speci?-
cation.Techreport,University M¨u nster,Computer Science, May1999.15/99-I.
[16]H.Giese,J.Graf,and G.Wirtz.Modeling Distributed Soft-
ware Systems with Object Coordination Nets.pages107–116,July1998.Proc.Int.Symposium on Software En-gineering for Parallel and Distributed Systems(PDSE’98), Kyoto,Japan.
[17]H.Giese,J.Graf,and G.Wirtz.Seamless Visual Object-
Oriented Behavior Modeling for Distributed Software Sys-tems.In IEEE Symposium On Visual Languages,Tokyo, Japan,Sept.1999.
[18]H.Giese,J.Graf,and G.Wirtz.Closing the Gap Between
Object-Oriented Modeling of Structure and Behavior.In The Second International Conference on The Uni?ed Modeling Language Fort Collins,Colorado,USA,Oct.1999. [19] D.Harel.Statecharts:A Visual Formalism for complex sys-
tems.Science of Computer Programming,3(8):231–274, 1987.
[20]I.M.Holland.Specyfying reusable components using con-
tracts.In L.Madsen,editor,ECOOP’92-Object-Oriented Programming,6th European Conference,Uetrecht,Nether-lands,LNCS615,pages287–308.Springer Verlag,June 1992.
[21]ISO/IEC.Open Distributed Processing Reference Model
-parts1,2,3,4,1995.ISO10746-1,2,3,4or ITU-T X.901,2,3,4.
[22]I.Jacobson,M.Christerson,P.Jonsson,and G.¨Overgaard.
Object-Oriented Software Engineering:a use case driven approach.Addison-Wesley,1992.
[23]V.Matena and M.Hapner.Enterprise JavaBeans Speci-
?cation.Sun Microsystems,May1999.Version1.1,Public
Draft.
[24] B.Meyer.Object-Oriented Software Construction.Prentice
Hall,1997.2nd edition.
[25] E.Najm,A.Numour,and J.-B.Stefani.In?nite Types
for Distributed Object Interfaces.In P.Ciancarini,A.Fan-
techi,and R.Gorrieri,editors,Proc.3rd Int.Conf.on For-
mal Methods for Open Object-based Distributed Systems
(FMOODS),February15-18,1999,Florence,Italy,pages
353–369.Kluewer Academic Publischers,1999.
[26]O.Nierstrasz.Regular Types for Active Objects.In O.Nier-
strasz and D.Tsichritzis,editors,Object-Oriented Software
Composition,pages99–121.Prentice Hall,1995.
[27]Object Management Group.The Common Object Request
Broker:Architecture and Speci?cation,CORBA/IIOP2.2
Speci?cation,Feb.1998.Revision2.2:OMG Technical
Document formal/98-07-01.
[28]Object Managment Group.CORBAservices:Common Ob-
ject Services Speci?cation,Nov.1997.Revision2.1.
[29] C.Peter and F.Puntigam.Coordination of CORBA Objects
with Process Types.In N.Davies,K.Raymond,and J.Seitz,
editors,Middleware98,IFIP International Conference on
Distributed Systems Platforms and Open Distributed Pro-
cessing.Springer Verlag,1998.(online report).
[30] F.Puntigam.Coordination Requirements Expressed in
Types for Active Objects.In M.Aksit and S.Matsuoka,ed-
itors,ECOOP’97-Object-Oriented Programming,11th Eu-
ropean Conference,Jyv¨a skyl¨a,Finland,LNCS1241,pages
367–388.Springer Verlag,June1997.
[31]Rational Software Corporation.Uni?ed Modelling Lan-
guage1.1,Sept.1997.
[32]J.Rumbaugh,M.Blaha,W.Premerlani, F.Eddy,and
W.Lorensen.Object-Oriented Modeling and Design.Pren-
tice Hall,1991.
[33] B.Selic,G.Gullekson,and P.Ward.Real-Time Object-
Oriented Modeling.Wiley,1994.
[34]M.Shaw and D.Garlan.Software Architecture:Perspectives
on an emerging Discipline.Prentice Hall,1996.
[35]Sun Microsystems.NFS:Network File System,Version3
Protocol Specifcation,Feb.1994.
[36]Sun Microsystems Inc.Java Remote Method Invocation
Speci?cation,Oct.1998.Revision1.50,JDK1.2.
[37] https://www.360docs.net/doc/0010263832.html,ponent Software,Beyond Object-
Oriented Programming.Addison-Wesley,1997.
[38] C.Szyperski and C.P?ster.Workshop on Component-
Oriented Programming,Summery.In M.M¨u lh¨a user,ed-
itor,Special Issues in Object-Oriented Programming–
ECOOP’96Workshop Reader.dpunkt,Heidelberg,1997.
[39] A.Valmari.The State Explosion Problem.In W.Reisig
and G.Rozenberg,editors,Lectures on Petri Nets I:Basic
Models,Advances in Petri Nets1998Part I,LNCS1491,
pages429–528.Springer Verlag,1998.
[40]W.V ogler.Failures Semantics and Deadlocking of Modular
Petri Nets.Acta Informatica,26:333–348,1989.
[41]G.Wirtz,J.Graf,and H.Giese.Ruling the Behavior of
Distributed Software Components.In H.R.Arabnia,ed-
itor,Proc.Int.Conf.on Parallel and Distributed Process-
ing Techniques and Applications(PDPTA’97),Las Vegas,
Nevada,July1997.
10
DES算法Java实现源代码
package des; /** * 加密过程: * 1.初始置换IP:将明文顺序打乱重新排列,置换输出为64位。 * 2.将置换输出的64位明文分成左右凉拌,左一半为L0,右一半称为R0,各32位。 * 3。计算函数的16轮迭代。 * a)第一轮加密迭代:左半边输入L0,右半边输入R0:由轮函数f实现子密钥K1对R0的加密, * 结果为32位数据组f(R0,K1), * b)第二轮加密迭代:左半边输入L1=R0,右半边输入R1=L0⊕f(R0,K1),由轮函数f实现子密钥 * K2对R1的加密,结果为32位数据组f(R1,K2),f(R1,K2)与L1模2相加,得到一个32为数据组L1⊕f(R1,K2). * c)第3到16轮迭代分别用密钥K3,K4……K16进行。4.再经过逆初始置换IP-1,将数据打乱重排,生成64位密文。 * * 子密钥生成过程: * 1.将64位的密钥经过PC-1置换生成56位密钥。 * 2.将56位的密钥分成左右两部分,分别进行移位操作(一共进行16轮),产生16个56位长度的子密钥。 * 3.将16个56位的子密钥分别进行PC-2置换生成16个48位的子密钥。 * * 轮函数f的工作过程: * 1.在第i次加密迭代过程中,扩展置换E对32位的Ri-1的各位通过置换表置换为48位的输出。 * 2.将该48位的输出与子密钥Ki进行异或操作,运算结果经过S盒代换运算,得到一个32位比特的输出。 * 3。该32位比特输出再经过P置换表进行P运算,将其各位打乱重排,生成32位的输出。 * * author Ouyang * */ public class Des { int[] byteKey; public Des(int[] byteKey) { this.byteKey = byteKey; } private static final int[] IP = { 58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4, 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48,
DES算法及其程序实现
DES算法及其程序实现 一.D ES算法概述 ①DES算法为密码体制中的对称密码体制,又被成为美国数据加密标准,是1972年美国IBM公司研制的对称密码体制加密算法。明文按64位进行分组,密钥长64位,密钥事实上是56位参与DES运算(第8、16、24、32、40、48、56、64位是校验位,使得每个密钥都有奇数个1)分组后的明文组和56位的密钥按位替代或交换的方法形成密文组的加密方法。 ②DES算法的特点:分组比较短、密钥太短、密码生命周期短、运算速度较慢。 ③DES算法把64位的明文输入块变为64位的密文输出块,它所使用的密钥也是64位,整个算法的主流程图如下: 二.D ES算法的编程实现 #include
const static char ip[] = { //IP置换 58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4, 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8, 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3, 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7 }; const static char fp[] = { //最终置换 40, 8, 48, 16, 56, 24, 64, 32, 39, 7, 47, 15, 55, 23, 63, 31, 38, 6, 46, 14, 54, 22, 62, 30, 37, 5, 45, 13, 53, 21, 61, 29, 36, 4, 44, 12, 52, 20, 60, 28, 35, 3, 43, 11, 51, 19, 59, 27, 34, 2, 42, 10, 50, 18, 58, 26, 33, 1, 41, 9, 49, 17, 57, 25 }; const static char sbox[8][64] = { //s_box /* S1 */ 14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7, 0, 15, 7, 4, 14, 2, 13, 1, 10, 6, 12, 11, 9, 5, 3, 8, 4, 1, 14, 8, 13, 6, 2, 11, 15, 12, 9, 7, 3, 10, 5, 0, 15, 12, 8, 2, 4, 9, 1, 7, 5, 11, 3, 14, 10, 0, 6, 13, /* S2 */ 15, 1, 8, 14, 6, 11, 3, 4, 9, 7, 2, 13, 12, 0, 5, 10, 3, 13, 4, 7, 15, 2, 8, 14, 12, 0, 1, 10, 6, 9, 11, 5, 0, 14, 7, 11, 10, 4, 13, 1, 5, 8, 12, 6, 9, 3, 2, 15, 13, 8, 10, 1, 3, 15, 4, 2, 11, 6, 7, 12, 0, 5, 14, 9, /* S3 */ 10, 0, 9, 14, 6, 3, 15, 5, 1, 13, 12, 7, 11, 4, 2, 8, 13, 7, 0, 9, 3, 4, 6, 10, 2, 8, 5, 14, 12, 11, 15, 1, 13, 6, 4, 9, 8, 15, 3, 0, 11, 1, 2, 12, 5, 10, 14, 7, 1, 10, 13, 0, 6, 9, 8, 7, 4, 15, 14, 3, 11, 5, 2, 12, /* S4 */ 7, 13, 14, 3, 0, 6, 9, 10, 1, 2, 8, 5, 11, 12, 4, 15, 13, 8, 11, 5, 6, 15, 0, 3, 4, 7, 2, 12, 1, 10, 14, 9, 10, 6, 9, 0, 12, 11, 7, 13, 15, 1, 3, 14, 5, 2, 8, 4, 3, 15, 0, 6, 10, 1, 13, 8, 9, 4, 5, 11, 12, 7, 2, 14,
DES算法源代码
#include
DES算法源代码
void main() { //声明变量 char MingWen[104]; //存放原始的明文 char target[8]; //将明文断成8个字符的一个分组 char InputKey[8]; //存放字符型的八位密钥 int text[64]; //存放一个分组转成二进制后的数据 int text_ip[64]; //存放第一次初始换位的结果 int L0[32],Li[32]; //将64位分成左右各32位进行迭代 int R0[32],Ri[32]; int RE0[48]; //存放右半部分经过E表扩展换位后的48位数据 int key[64]; //存放密钥的二进制形式 int keyPC1[56]; //存放密钥key经过PC1换位表后变成的56位二进制 int A[28]; //将keyPC1分成左右两部分,左部A,右部B,各28位,以便进行循环左移 int B[28]; int keyAB[56]; //将循环左移后两部分的结果合并起来 int K[16][48]; //存放16次循环左移产生的子密钥 int RK[48]; //存放RE和K异或运算后的结果 int RKS[8]; //存放经过查找8个S表后得到的8个十进制结果 int SP[32]; //将RKS表中的十进制数化成二进制 int RKSP[32]; //存放SP表经过P盒换位后的结果 int text_end[64]; //存放经过左右32位换位后的结果 int text_out[14][64]; //存放初始化向量和所有经过DES的分组的二进制 char init[9]={"HTmadeit"}; //设置初始化向量为“HTmadeit” int CBC[64]; int result[13][64];
DES算法实现过程分析
DES算法实现过程分析 来源:中国论文下载中心 [ 03-03-18 14:30:00 ] 作者:本站会员编辑:丢oO丢oO 1. 处理密钥: 1.1 从用户处获得64位密钥.(每第8位为校验位,为使密钥有正确的奇偶校验,每个密钥要有奇数个”1”位.(本文如未特指,均指二进制位) 1.2 具体过程: 1.2.1 对密钥实施变换,使得变换以后的密钥的各个位与原密钥位对应关系如下表所示: 表一为忽略校验位以后情况 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 57 49 41 33 25 17 9 1 58 50 42 34 26 18 10 2 59 51 43 35 27 19 11 3 60 52 44 36 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 63 55 47 39 31 23 15 7 62 54 46 38 30 22 14 6 61 53 45 37 29 21 13 5 28 20 12 4 1.2.2 把变换后的密钥等分成两部分,前28位记为C[0], 后28位记为D[0]. 1.2.3 计算子密钥(共16个),从i=1开始。 1.2.3.1 分别对C[i-1],D[i-1]作循环左移来生成C[i],D[i].(共16次)。每次循环左移位数 如下表所示: 循环次数1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 左移位数1 1 2 2 2 2 2 2 1 2 2 2 2 2 2 1 1.2.3.2 串联C[i],D[i],得到一个56位数,然后对此数作如下变换以产生48位子密钥K[i]。变换过程如下: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 14 17 11 24 1 5 3 28 15 6 21 10 23 19 12 4 26 8 16 7 27 20 13 2 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 41 52 31 37 47 55 30 40 51 45 33 48 44 49 39 56 34 53 46 42 50 36 29 32 1.2.3.3 按以上方法计算出16个子密钥。 2.对64位数据块的处理: 2.1 把数据分成64位的数据块,不够64位的以适当的方式填补。 2.2对数据块作变换。 bit goes to bit bit goes to bit 58 1 57 33 50 2 49 34
DES算法的简介及编程实现
实验一DES算法 实验目的: 1.深入了解DES算法的原理、特点、密钥及输入输出 2.通过编程来模拟DES算法的加密及解密过程 实验内容: 一.D ES算法概述 ①DES算法为密码体制中的对称密码体制,又被成为美国数据加密标准,是1972年美国IBM公司研制的对称密码体制加密算法。明文按64位进行分组,密钥长64位,密钥事实上是56位参与DES运算(第8、16、24、32、40、48、56、64位是校验位,使得每个密钥都有奇数个1)分组后的明文组和56位的密钥按位替代或交换的方法形成密文组的加密方法。 ②DES算法的特点:分组比较短、密钥太短、密码生命周期短、运算速度较慢。 ③DES算法把64位的明文输入块变为64位的密文输出块,它所使用的密钥也是64位,整个算法的主流程图如下:
二.D ES算法的编程实现 #include
DES算法实现 课程设计
通达学院课程设计Ⅱ报告( 2016/ 2017学年第 1 学期) 题目: DES算法实现 专业计算机科学与技术(信息安全) 学生姓名 班级学号 指导教师王波 指导单位计算机学院信息安全系 日期
DES算法的实现 一、课题内容和要求 对称加密就是加密和解密所用的密钥是一样的,加密的强度很大程度上在于密钥的强度以及加密算法的保密,最常见的对称加密算法有DES、IDEA、RC4、RC5等。本设计题要求实现DES加密和解密算法,能对文件实现加解密。 二、对设计要求的理解 DES是一个分组密码算法,使用64位密钥(除去8位奇偶校验,实际密钥长度为56位)对64比特的数据分组(二进制数据)加密,产生64位密文数据。DES是一个对称密码体制,加密和解密使用同意密钥,解密和加密使用同一算法(这样,在硬件与软件设计时有利于加密单元的重用)。DES的所有的保密性均依赖于密钥。 程序主要采取对数据的位操作的形式,把明密文文件中的内容以字节为单位读取,每次读取8个byte共65bits,然后使用标准DES的算法依次对读取的64bits明密文进出加解密处理。文件的路径的输入有比较严格的格式约束。如:盘符名:\\文件名.txt 格式错误则会导致文件打开失败,不能进行加解密操作。 三、概要设计 这个程序主要是 DES算法部分的加密和解密,还有后面对文件的操作。 程序主要流程图如下: 图-1 程序流程图
这个程序的关键在DES算法的操作,主要有下的主要步骤: 1.初始置换 IP; 2.子密钥 Ki 的获取; 3.密码函数 f ; 4.尾置换 IP-1 ; 下面是具体的几个过程: 1)初始置换IP 这一部分很简单,IP(initial permutation)是一个 8x8 的置换表: int IP[] = { 58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4, 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8, 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3, 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7 }; 根据表中的规定,将输入的 64 位明文重新进行排序,即将第 58 位放到第 1 位,第 50 位放到第 2 位……以此类推。初始置换以后得到的是一个 64 位的输出。 2)子密钥 Ki 的获取 用户输出的密钥是 64 位的,根据密钥置换表PC-1,将 64 位变成 56 位密钥。(去掉了奇偶校验位)将 PC-1 置换得到的 56 位密钥,分为前28位 C0 和后28位 D0,分别对它们进行循环左移,C0左移得到 C1,D0 左移得到 D1。将 C1 和 D1 合并成 56 位,然后通过PC-2表进行压缩置换,得到当前这一轮的 48 位子密钥 K1 。然后对 C1 和 D1 进行左移和压缩置换,获取下一轮的子密钥……一共进行16轮,得到 16 个 48 位的子密钥。 3)密码函数 f ●密码函数f(R, K)接受两个输入:32 位的数据和 48 位的子密钥。然后: ●通过表 E 进行扩展置换,将输入的 32 位数据扩展为 48 位; ●将扩展后的 48 位数据与 48 位的子密钥进行异或运算; ●将异或得到的 48 位数据分成 8 个 6 位的块,每一个块通过对应的一个 S 表产 生一个 4 位的输出。 其中,每个 S 表都是 4 行 16 列。具体的置换过程如下:把 6 位输入中的第 1 位和第 6 位取出来行成一个两位的二进制数 x ,作为 Si 表中的行数(0~3);把 6 位
DES加密算法文档
北京工业大学 网络与信息安全概论 学院: 专业: 指导老师: 姓名: 学号:
目录 目录 (2) 一、DES算法的基本原理 (3) 1.1背景介绍 (3) 1.2加密原理 (3) 二、DES算法的详细步骤 (4) 2.1加密详细步骤 (4) 2.2压缩置换到56位 (5) 2.3 C0和D0的分类 (6) 2.4循环左移 (6) 2.5压缩置换 (7) 三、DES算法的实现 (7) 3.1详细设计 (8) 3.1.2加密/解密文件的预览 (8) 3.2文件的加密/解密 (9) 3.3系统测试 (11) 3.4总结 (14)
一、DES算法的基本原理 1.1背景介绍 1977年1月,美国政府颁布:采纳IBM公司设计的方案作为非机密数据的正式数据加密标准(DES-Data Encryption Standard)。 DES (Data Encryption Standard),是IBM在上个世纪70年代开发的单密钥对称加解密算法。该算法利用一个56+8奇偶校验位(第8, 16, 24, 32, 40, 48, 56, 64位)=64位的密钥对以64位为单位的块数据进行加解密。 1.2加密原理 DES算法是这样工作的:如Mode为加密,则用Key 去把数据Data进行加密,生成Data的密码形式(64位)作为DES的输出结果;如Mode为解密,则用Key去把密码形式的数据Data解密,还原为Data的明码形式(64位)作为DES的输出结果。 在通信网络的两端,双方约定一致的Key,在通信的源点用Key对核心数据进行DES加密,然后以密码形式在公共通信网(如电话网)中传输到通信网络的终点,数据到达目的地后,用同样的Key对密码数据进行解密,便再现了明码形式的核心数据。这样,便保证了核心数据(如PIN、MAC等)在公共通信网中传输的安全性和可靠性。 通过定期在通信网络的源端和目的端同时改用新的Key,便能更进一步提高数据的保密性,这正是现在金融交易网络的流行做法。
DES加密算法的实现(详细版)
v 3DES加密算法的实现毕业论文 一、DES加密及解密算法程序源代码: #include
网络安全DES算法实现大作业报告
基于DES算法的数据加密解密的软件实现 摘要 随着信息社会的到来,人们在享受信息资源所带来的巨大的利益的同时,也面临着信息安全的严峻考验。信息安全已经成为世界性的现实问题,信息安全问题已威胁到国家的政治、经济、军事、文化、意识形态等领域,同时,信息安全问题也是人们能否护自己的个人隐私的关键。信息安全是社会稳定安全的必要前提条件。本文是一篇讨论关于常用文件加密解密算法的技术调研论文,它详细的讲述了文件加密解密算法实现的过程中所用到的方法、技术。对公钥密码体制和私钥密码体制进行了分析和研究,并对公钥密码体制和私钥密码体制的代表DES算法进行了研究。 关键字:文件解密,文件加密,密码体制,DES。 第一章 DES算法的技术背景介绍 1.1 背景与意义 DES是由美国IBM公司于20世纪70年代中期的密码算法发展而来的,在1977年1月15日,美国国家标准局正式公布实施,并得到了ISO的认可。在过去近20年的时间里,DES被广泛应用于美国联邦和各种商业信息的安全保密工作中,经受信了各种密码分析和攻击,体现出了令人满意的字全性。但随着密码分析技术和计算能力的提高,1994年,美国决定不再使用DES算法,目前DES算法已被更为安全的加解密算法取代。虽然这样,但是目前还无法将DES加密算法彻底破解掉,而且DES算法的加解密算法非常快,仍是目前使用最为普遍的对称密码算法。在国内,随着三金工程尤其是金卡工程的启动,DES算法在POS、A TM、磁卡及智能卡、加汕站、高速公路收费站等领域被广泛应用,以此来实现关键数据的保密,如信用卡人的PIN码加密伟输,IC卡与POS机之间的双向认证、金融交易数据包的MAC校验等,均用到DES算法。 1.2 系统设计 1.2.1 系统主要目标 基本要求部分: 1.能够对一个明文分组进行加密,加密后能够正确解密。 2.程序运行时可以输出任一组密钥。因为实现了对任意长度明加密,所以没输出每一轮加密后的结果。因为当明文长度过长时,每一轮加密结果会很多。 3.程序有良好的人机交互操作。 较高要求部分: 1.如果明文不止一个分组,程序能完成分组,然后加密;最后一个分组长度不足时要求完成填充。 2.密钥采用ASCII码,明文输入信息可以是文字(可以是汉字或英文,要求不止一个加密分组长度),任意字符。进行加密后,能够进行正确的解密。
DES算法的C语言代码及实现
DES算法的C语言代码及实现 首先新建头文件des_encode.H 内容如下: void EncodeMain(); //EncodeMain function void DecodeMain(); //Sorry ,it has not used void Decode(int *str,int *keychar); //decode :input 8 chars,8 keychars void Encode(int *str,int *keychar); //encode: input 8 chars,8 keychars void keyBuild(int *keychar); //create key array void StrtoBin(int *midkey,int *keychar); //change into binary void keyCreate(int *midkey2,int movebit,int i); //call by keyBuild void EncodeData(int *lData,int *rData,int *srt); //encodedata function void F(int *rData,int *key); //F function void Expand(int *rData,int *rDataP); //Expand function void ExchangeS(int *rDataP,int *rData); //S-diagram change void ExchangeP(int *rData); //P change void FillBin(int *rData,int n,int s); // data to binary;call by S-Diagram change function void DecodeData(int *str,int *lData,int *rData); //DecodeData from binary int IP1[]={58, 50, 42, 34, 26, 18, 10, 2, 60, 52, 44, 36, 28, 20, 12, 4, //initial change 62, 54, 46, 38, 30, 22, 14, 6, 64, 56, 48, 40, 32, 24, 16, 8, 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3, 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7,
DES算法用C++实现的源代码
DES算法用C++实现的源代码 用C++实现的源代码 #include "memory.h" #include "stdio.h" enum {encrypt,decrypt};//ENCRYPT:加密,DECRYPT:解密 void des_run(char out[8],char in[8],bool type=encrypt); //设置密钥 void des_setkey(const char key[8]); static void f_func(bool in[32],const bool ki[48]);//f函数 static void s_func(bool out[32],const bool in[48]);//s盒代替 //变换 static void transform(bool *out, bool *in, const char *table, int len); static void xor(bool *ina, const bool *inb, int len);//异或 static void rotatel(bool *in, int len, int loop);//循环左移 //字节组转换成位组 static void bytetobit(bool *out,const char *in, int bits); //位组转换成字节组 static void bittobyte(char *out, const bool *in, int bits); //置换IP表 conststatic char ip_table[64]={58,50,42,34,26,18,10,2,60,52,44,36,28,20,12,4,62,54,46,38,30,22,14,6,64,56,48,40, 32,24,16,8,57,49,41,33,25,17,9,1,59,51,43,35,27,19,11,3,61,53,45,37,29,21,13,5,63,55,47,39,31,2 3,15,7}; //逆置换IP-1表 const static char ipr_table[64]={40,8,48,16,56,24,64,32,39,7,47,15,55,23,63,31,38,6,46,14,54,22,62,30,37,5,45,13, 53,21,61,29,36,4,44,12,52,20,60,28,35,3,43,11, 51,19,59,27,34,2,42,10,50,18,58,26,33,1,41,9,49,1 7,57,25}; //E 位选择表 static const char e_table[48]={32,1, 2, 3, 4, 5,4, 5, 6, 7, 8, 9,8, 9, 10,11,12,13,12,13,14,15,16,17,16,17,18,19,20,21,20,21,22,23,24,25,24,25,26,27,28,29,28,29,30,3 1,32,1}; //P换位表 const static char p_table[32]={16,7,20,21,29,12,28,17,1,15,23,26,5,18,31,10,2,8,24,14,32,27,3,9,19,13,30,6,22,11, 4,25}; //pc1选位表 const static char pc1_table[56]={ 57,49,41,33,25,17,9,1, 58,50,42,34,26,18,10,2, 59,51,43,35,27,19,11,3, 60,52,44,36,63,55,47,39, 31,23,15,7,62,54,46,38, 30,22,14,6,61,53,45,37, 29,21,13,5,28,20,12,4
DES算法源代码-JAVA
DES算法提供CBC, OFB, CFB, ECB四种模式,MAC是基于ECB实现的。 一、数据补位 DES数据加解密就是将数据按照8个字节一段进行DES加密或解密得到一段8个字节的密文或者明文,最后一段不足8个字节,按照需求补足8个字节(通常补00或者FF,根据实际要求不同)进行计算,之后按照顺序将计算所得的数据连在一起即可。 这里有个问题就是为什么要进行数据补位?主要原因是DES算法加解密时要求数据必须为8个字节。 二、ECB模式 DES ECB(电子密本方式)其实非常简单,就是将数据按照8个字节一段进行DES加密或解密得到一段8个字节的密文或者明文,最后一段不足8个字节,按照需求补足8个字节进行计算,之后按照顺序将计算所得的数据连在一起即可,各段数据之间互不影响。 三、CBC模式 DES CBC(密文分组链接方式)有点麻烦,它的实现机制使加密的各段数据之间有了联系。其实现的机理如下: 加密步骤如下: 1)首先将数据按照8个字节一组进行分组得到D1D2......Dn(若数据不是8的整数倍,用指定的PADDING数据补位) 2)第一组数据D1与初始化向量I异或后的结果进行DES加密得到第一组密文C1(初始化向量I为全零) 3)第二组数据D2与第一组的加密结果C1异或以后的结果进行DES加密,得到第二组密文C2 4)之后的数据以此类推,得到Cn 5)按顺序连为https://www.360docs.net/doc/0010263832.html,即为加密结果。 解密是加密的逆过程,步骤如下: )首先将数据按照8个字节一组进行分组得到https://www.360docs.net/doc/0010263832.html, 2)将第一组数据进行解密后与初始化向量I进行异或得到第一组明文D1(注意:一定是先解密再异或) 3)将第二组数据C2进行解密后与第一组密文数据进行异或得到第二组数据D2
DES算法的verilog实现
EDA试验报告 一、实验项目名称 DES算法 二、实验目的与要求 1.掌握DES的原理和设计方法。 2.了解QuartusII硬件电路设计流程,学会利用Modelsim进行仿真。 3.加深对自顶向下设计和分模块化的了解,学会模块化的设计方法。 三、实验步骤 (一).DES算法原理 DES算法为密码体制中的对称密码体制,又被称为美国数据加密标准,是1972年美国IBM公司研制的对称密码体制加密算法。明文按64位进行分组,密钥长64位,密钥事实上是56位参与DES运算(第8、16、24、32、40、48、56、64位是校验位,使得每个密钥都有奇数个1)分组后的明文组和56位的密钥按位替代或交换的方法形成密文组的加密方法。
其入口参数有三个:key、data、mode。key为加密解密使用的密钥,data为加密解密的数据,mode为其工作模式。当模式为加密模式时,明文按照64位进行分组,形成明文组,key用于对数据加密,当模式为解密模式时,key用于 对数据解密。实际运用中,密钥只用到了64位中的56位,这样才具有高的安全性。DES算法把64位的明文输入块变为64位的密文输出块,它所使用的密钥也是64位,整个算法的主流程图如下: (二)、VerilogHDL实现原理 拟采用模块化设计思想,根据DES算法的流程分模
块设计实现各模块,自顶向下最终实现DES加密算法。 各模块功能及实现如下所示: 1.整体结构框架搭建,实现总体功能 module DES(input clk, input des_enable, input reset, input des_mode, input [1:64] data_i, input [1:64] key_i, output wire [1:64] data_o, output ready_o); wire [3:0] inter_num_curr; wire [1:32] R_i_var, L_i_var; wire [1:56] Key_i_var_out; wire [1:64] data_o_var_t; wire [1:32] R_i, L_i; wire [1:32] R_o, L_o; wire [1:56] Key_o; wire [1:28] C0, D0; IP IP1(.in(data_i), .L_i_var(L_i_var), .R_i_var(R_i_var)); IP_ni IP_ni(.in(data_o_var_t), .out(data_o)); pc_1 pc_1(.key_i(key_i), .C0(C0), .D0(D0)); //F(R,K) des_f des_f1(.clk(clk), .reset(reset), .des_mode(des_mode), .inter_num_i(inter_num_curr), .R_i(R_i), .L_i(L_i), .Key_i(Key_i_var_out), .R_o(R_o), .L_o(L_o), .Key_o(Key_o));
DES加密算法的简单实现实验报告
苏州科技学院电子与信息工程学院 实验报告 实验一 (实验)课程名称信息安全技术 实验名称DES加密算法的简单实现
实验报告 一、实验室名称:电子学院213机房 二、实验项目名称:DES加密算法的简单实现 三、实验学时:2学时 四、实验原理: DES的描述 DES是一种分组加密算法,他以64位为分组对数据加密。64位一组的明文从算法的一端输入,64位的密文从另一端输出。DES是一个对称算法:加密和解密用的是同一个算法(除密钥编排不同以外)。 密钥的长度为56位(密钥通常表示为64位的数,但每个第8位都用作奇偶检验,可以忽略)。密钥可以是任意的56位数,且可以在任意的时候改变。 DES算法的入口参数有3个:Key,Data,Mode。其中Key为8个字节共64位,是DES算法的工作密钥;Data也为8个字节64位,是要被加密或解密的数据:Mode为DES的工作方式,有两种:加密或解密。 DES算法的工作过程:若Mode为加密,则用Key对数据Data进行加密,生成Data的密码形式(64位)作为DES的输出结果;若Mode为解密,则用Key 对密码形式的数据Data解密,还原为Data的明码形式(64位)作为DES的输出结果。 DES算法详述 DES算法把64位的明文输入块变为64位的密文输出块,他所使用的密钥也是64位,DES对64 位的明文分组进行操作。通过一个初始置换,将明文分组分成左半部分和右半部分,各32位长。然后进行16轮相同的运算,这些相同的运算被称为函数f,在运算过程中数据和密钥相结合。经过16轮运算后左、右部分在一起经过一个置换(初始置换的逆置换),这样算法就完成了。 (1)初始置换 其功能是把输入的64位数据块按位重新组合,并把输出分为L0,R0两部分,每部分各长32位, 即将输入的第58位换到第1位,第50位换到第2位,…,依次类推,最后一位是原来的第7位,L0,R0则是换位输出后的两部分,L0是输出的左32位,R0是右32位。。 (2)逆置换
DES算法实现与分析论文
项目报告:DES 算法的实现与分析 组员:柴彦廷 121041302 李雨潇 121041316 唐均 121041328 王森 121041333 王钰 121041334 熊枫 121041337
目录 1. 引言.......................................... 错误!未定义书签。 2. 项目研究...................................... 错误!未定义书签。 2.1 框架设计、模块划分........................ 错误!未定义书签。 2.2. DES加密技术简介.......................... 错误!未定义书签。 3. 方案设计...................................... 错误!未定义书签。 3.1 明文的输入与转化.......................... 错误!未定义书签。 3.2 S盒及P盒原理简介........................ 错误!未定义书签。 3.3 子密钥的产生.............................. 错误!未定义书签。 3.4 16轮循环加密............................. 错误!未定义书签。 4. 仿真结果输出.................................. 错误!未定义书签。 5. DES算法特点总结............................... 错误!未定义书签。 6. 参考文献...................................... 错误!未定义书签。 7. 程序代码...................................... 错误!未定义书签。 一、引言 项目的选题目的和意义: