NOW-AES: An AES-128-ECB Implementation in the Project HPC-NOW
The project HPC-NOW needs to handle sensitive information. Therefore, we implemented an AES module based on the NIST standard FIPS-197. Any further change in the project HPC-NOW will be syncronized to this repo.
DESCLAIMER
- Encryption/Decryption is extremely important and critical for information security. This project is released under the MIT terms, which means there is no WARRANTY. It is always recommended to use widely-validated implementations such as OpenSSL.
- This is a serial program, meaning that for large files, the encryption/decryption would be slow. Looking for parallelism methods and implement it.
- From preliminary tests, files encrypted by this program can be decrypted correctly by OpenSSL using the command
openssl aes-128-ecb -d -K KEY_STRING -in INPUT_FILE -out OUT_FILE
.
Program Name: NOW-AES: an AES-128-ECB implementation in the project HPC-NOW
Purpose: file-level encryption/decryption.
License: MIT
Technical Reference: NIST standard FIPS-197
Extras: As you can see in the source code, there are 2 different versions:
- 128bit-rw: Read 128 bit from the input file - encrypt/decrypt the 128 bit - write 128 bit to the output file, until the end of the input file.
- batch-rw: Load the input file to memory in batch, and then encrypt/decrypt to a memory buffer, then write the buffer to output file in batch.
It turns out the batch-rw improves the performance by 20%.
You need a C compiler to build.
- For Microsoft Windows users, mingw-w64 is required.
- For GNU/Linux Distro or other *nix users, the GNU Compiler Collections, known as gcc, is recommended.
- For macOS users, clang is easy to install and use (brew is not needed to install clang on macOS).
- Use
git
to clone this code:git clone https://github.com/zhenrong-wang/now-aes-ecb.git
- Build command example:
gcc now-crypto-aes.c -Wall -Ofast -o now-aes.exe
. The compiler flag-Ofast
is extremely important for performance!
COMMAND FORMAT ./now-aes.exe OPTION INPUT_FILE OUTPUT_FILE MD5_LIKE_STRING
- OPTION: Can only be decrypt or encrypt
- INPUT_FILE: The path of the input file. E.g.
~/input.zip
- OUTPUT_FILE: The path of the output file. E.g.
~/output.zip.enc
or~/output.zip
- MD5_LIKE_STRING: This program read an MD5 string and assemble a 128-bit (16 byte) encryption key.
- Optional: get an MD5 string as the key string:
md5sum FILE
(GNU/Linux) ormd5 FILE
(macOS) - Encryption:
./now-aes.exe encrypt ~/input.dat ~/encrypted.bin 56196c87917f0bca0c209346abb4c05f
- Decryption:
./now-aes.exe decrypt ~/encrypted.bin ~/output.dat 56196c87917f0bca0c209346abb4c05f
- Optional: get an MD5 string as the key string:
certutil -hashfile FILE MD5
- Encryption:
.\now-aes.exe encrypt c:\users\public\input.dat c:\users\public\encrypted.bin 56196c87917f0bca0c209346abb4c05f
- Decryption:
.\now-aes.exe decrypt c:\users\public\encrypted.bin c:\users\public\output.dat 56196c87917f0bca0c209346abb4c05f
You can validate the encryption/decryption by compare the hashes (MD5 or SHA) of the original file and the encrypted+decrypted file.
Please submit issues to this repo. I'd be glad to communicate on any issues.
Or, you can also email me: [email protected]