[Cryptography Team] BlockCipher mode tests, fixes, enhancements

Chris Muller chris at funkyobjects.org
Wed Mar 8 20:28:20 UTC 2006


My plan is to bolster our existing Cryptography
primitives to a minimally-usable level and implement a
couple of new ones (CTR and Fortuna) using the PC book
as my "specification".  Having spent six months
studying and implementing KryptOn (before I discovered
the PC book), only to discover how little I still know
about cryptography has led me to give up on becoming
an expert and just doggedly and shrewdly follow the
implementation advice in the PC book to the letter. 
Because of how well it is written, I *am* able to
follow and implement their suggestions to the finest
detail.

The primitive bolstering is now done.  Next I plan to
use these bolstered primitives to redo KryptOn one
more time.  The concept and interface of KryptOn will
remain mostly the same; it is still intended to be an
easy facade for common crypto problems.  But the plan
is to base it *completely* on the recommendations in the
PC book, with none of my own ideas in there.

I have a feeling, though, that the recommendation with
respect to 2048-bit (asymmetric) keys may cause me to
want to *allow* the KryptOn user to relax down to
1024-bit keys due to performance.  Schneier and
Ferguson say they are willing to sacrifice 90%
performance for ideal security, but that may result in
a system that is totally unusable..  We'll see..

 - Chris


--- Ron Teitelbaum <Ron at USMedRec.com> wrote:

> Nice work Chris.
> 
> Is anyone available to review and verify Chris's work?  (Chris said: CFB
> should be verified)
> 
> Is anyone else able to help Chris with development?
> 
> Chris, I see your notes below; did you add those notes to the class
> comments?
> 
> Maybe you could coordinate more Schneier changes?  Do you have a list of
> what changes you think we should be working on?
> 
> Maybe we could get some team work going?
> 
> Ron Teitelbaum
> 
> > -----Original Message-----
> > From: cryptography-bounces at lists.squeakfoundation.org
> > [mailto:cryptography-bounces at lists.squeakfoundation.org] On Behalf Of
> > Chris Muller
> > Sent: Tuesday, March 07, 2006 11:39 PM
> > To: cryptography at lists.squeakfoundation.org
> > Subject: [Cryptography Team] BlockCipher mode tests, fixes, enhancements
> >
> > Hi, just a note to let you know of some improvements I've just committed
> > to our repository.
> >
> > Cryptography-Core
> >
> > - All four BlockCipher modes are fixed-up and working (CFB should be
> >   verified).
> > - Added ability for BlockCiphers to encrypt and decrypt arbitrary-length
> >   ByteArray's.
> > - When using the non-streaming cipher modes (CBC and CFB), proper padding
> >   of the ByteArray's should be the responsibility of the BlockCipher, not
> >   the user (developer).  Therefore, #encrypt: applies the "option 2"
> >   padding scheme specified by Ferguson and Schneier in 'Practical
> >   Cryptography', p. 68-69.
> > - Can also encrypt/decrypt from:to: positions in an existing ByteArray.
> > - Streaming modes (CTR and OFB) are supported as stream ciphers,
> >   ByteArray's can be any size and no padding to the next-larger block is
> >   performed or needed.
> >
> > Cryptography-Tests
> >
> > - Created tests for all BlockCipher modes, by generalizing the CTR test.
> >   They all now run the same (semi-robust) test.
> > - Separate test conditions ensure streaming modes work properly.
> > - Separate encrypt/decrypt ByteArray tests are included for all
> >   BlockCipher modes.
> >
> > More to come..
> >
> >  - Chris
> > _______________________________________________
> > Cryptography mailing list
> > Cryptography at lists.squeakfoundation.org
> > http://lists.squeakfoundation.org/cgi-bin/mailman/listinfo/cryptography
> 
> 
> 



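The padded-versus-streaming split and the "option 2" padding rule from the quoted announcement, worked through as an added example.  This is illustrative Python written for this page, not the Squeak Cryptography package's Smalltalk code, and none of the names in it (toy_block_cipher, pad, unpad, encrypt, decrypt, round_trip_ok) are Squeak APIs.  The 8-byte Feistel "cipher" is a constructed stand-in so the modes can be exercised offline; it is not a vetted cipher and would be replaced by AES or Blowfish in practice.  The padding rule itself is the one the post cites: Ferguson and Schneier's option 2 appends n bytes each of value n, with 1 <= n <= block size, so a plaintext that is already block-aligned still gets a full block of padding (this is the same rule as PKCS#7).  Two caveats a reviewer of the CFB/CBC code would want: unpadding must reject malformed padding outright, and because CBC with unauthenticated padding gives an attacker who can tell padding failures from other failures a padding oracle, the book's advice to authenticate ciphertext with a MAC still applies.  Full-block CFB only ever runs the cipher in the forward direction and could also be driven unpadded; it is padded below to match the grouping in the post.

```python
"""Block-cipher modes CBC, CFB, OFB and CTR over a toy block cipher, with the
Ferguson/Schneier "option 2" padding applied only to the padded modes.
Added illustration for this page; not code from the Squeak Cryptography package."""
import hashlib
import secrets

BLOCK = 8     # toy cipher block size in bytes (AES would use 16)
ROUNDS = 16
PADDED_MODES = ("CBC", "CFB")
STREAM_MODES = ("OFB", "CTR")


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def toy_block_cipher(key: bytes, block: bytes, decrypt: bool = False) -> bytes:
    """Constructed stand-in for a real block cipher: a SHA-256-keyed Feistel
    network on 8-byte blocks.  Invertible and deterministic, which is all the
    modes need.  NOT a vetted cipher; it exists only so the example runs."""
    assert len(block) == BLOCK
    half = BLOCK // 2
    left, right = block[:half], block[half:]
    order = range(ROUNDS - 1, -1, -1) if decrypt else range(ROUNDS)
    for r in order:
        f = hashlib.sha256(key + bytes([r]) + right).digest()[:half]
        left, right = right, _xor(left, f)
    return right + left          # undo the final swap so decrypt reuses the loop


def pad(data: bytes, b: int = BLOCK) -> bytes:
    """Option 2 (Practical Cryptography, padding section): append n bytes of
    value n with 1 <= n <= b.  Always pads, even when len(data) % b == 0."""
    n = b - len(data) % b
    return data + bytes([n]) * n


def unpad(data: bytes, b: int = BLOCK) -> bytes:
    """Reject anything that is not well-formed option 2 padding.  Without a MAC,
    a caller must not leak whether this or some later check failed (padding oracle)."""
    if not data or len(data) % b:
        raise ValueError("invalid padding")
    n = data[-1]
    if not 1 <= n <= b or data[-n:] != bytes([n]) * n:
        raise ValueError("invalid padding")
    return data[:-n]


def _blocks(data: bytes):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def _keystream(mode: str, key: bytes, iv: bytes, nbytes: int) -> bytes:
    """OFB and CTR turn the block cipher into a stream cipher; only E() is used,
    so no padding to a block boundary is needed in either direction."""
    out, state = b"", iv
    counter = int.from_bytes(iv, "big")
    while len(out) < nbytes:
        if mode == "OFB":
            state = toy_block_cipher(key, state)            # O_i = E(O_{i-1})
            out += state
        else:                                               # CTR: E(counter), counter += 1
            out += toy_block_cipher(key, counter.to_bytes(BLOCK, "big"))
            counter = (counter + 1) % (1 << (8 * BLOCK))
    return out[:nbytes]


def encrypt(mode: str, key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    assert len(iv) == BLOCK
    if mode in STREAM_MODES:
        return _xor(plaintext, _keystream(mode, key, iv, len(plaintext)))
    if mode not in PADDED_MODES:
        raise ValueError(f"unknown mode {mode}")
    out, prev = [], iv
    for p in _blocks(pad(plaintext)):            # padding is the cipher's job, not the caller's
        if mode == "CBC":
            prev = toy_block_cipher(key, _xor(p, prev))     # C_i = E(P_i ^ C_{i-1})
        else:
            prev = _xor(toy_block_cipher(key, prev), p)     # CFB: C_i = E(C_{i-1}) ^ P_i
        out.append(prev)
    return b"".join(out)


def decrypt(mode: str, key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    assert len(iv) == BLOCK
    if mode in STREAM_MODES:
        return _xor(ciphertext, _keystream(mode, key, iv, len(ciphertext)))
    if mode not in PADDED_MODES:
        raise ValueError(f"unknown mode {mode}")
    if len(ciphertext) % BLOCK:
        raise ValueError("ciphertext is not a whole number of blocks")
    out, prev = [], iv
    for c in _blocks(ciphertext):
        if mode == "CBC":
            out.append(_xor(toy_block_cipher(key, c, decrypt=True), prev))
        else:
            out.append(_xor(toy_block_cipher(key, prev), c))  # CFB decrypts with E(), not D()
        prev = c
    return unpad(b"".join(out))


def round_trip_ok(mode: str, key: bytes, iv: bytes, msg: bytes) -> bool:
    """One generalized check run against every mode, with a length condition
    that separates the streaming modes from the padded ones."""
    ct = encrypt(mode, key, iv, msg)
    if mode in STREAM_MODES:
        length_ok = len(ct) == len(msg)                         # never padded
    else:
        length_ok = len(ct) % BLOCK == 0 and len(ct) > len(msg)  # at least one pad byte
    return length_ok and decrypt(mode, key, iv, ct) == msg


if __name__ == "__main__":
    key, iv = secrets.token_bytes(16), secrets.token_bytes(BLOCK)
    for mode in PADDED_MODES + STREAM_MODES:
        for n in (0, 1, 7, 8, 9, 40):            # constructed lengths around the block boundary
            assert round_trip_ok(mode, key, iv, bytes(range(n)))
    print("all four modes round-trip at every tested length")
```

The lengths 7, 8 and 9 are the ones that catch padding bugs: an implementation that skips padding when the input is already block-aligned cannot distinguish an 8-byte message from an 8-byte message whose last byte happens to equal 0x08 followed by nothing, which is exactly the ambiguity the always-pad rule removes.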