Difference between revisions of "PyCryptoPlus"
Jump to navigation
Jump to search
m (→TODO) |
m (→Test Vectors) |
||
| Line 44: | Line 44: | ||
*AES, DES: http://svn.python.org/projects/external/openssl-0.9.8a/test/evptests.txt |
*AES, DES: http://svn.python.org/projects/external/openssl-0.9.8a/test/evptests.txt |
||
*https://www.cosic.esat.kuleuven.be/nessie/testvectors/ |
*https://www.cosic.esat.kuleuven.be/nessie/testvectors/ |
||
| + | *XTS (AES&TDES): http://www.nuee.nagoya-u.ac.jp/labs/tiwata/omac/omac.html |
||
| + | |||
===Chaining Modes=== |
===Chaining Modes=== |
||
*[http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation Wikipedia] |
*[http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation Wikipedia] |
||
Revision as of 10:36, 2 September 2008
Back to SAGE & cryptology
Differences with pycrypto
- ciphers from pycrypto are being used with the python chaining modes and not the original pycrypto ones
=> plaintext can be supplied in arbitrary sizes instead of multiples of the blocksize like in pycrypto: the new chaining modes keep a cache to encrypt/decrypt data once the cachesize holds at least a blocksize of data - new possibilities:
- Serpent, Twofish
- CMAC, XTS, CTR mod
TODO
- add chaining modes: CMAC, CTR mod?
- further importing of pycrypto
- make test vectors available as variables
- add tests:
- CBC for serpent, twofish, blowfish
- XTS is only tested by comparing deciphered ciphertext, not by checking ciphertext
- check other implementation of Blowfish
- final() method of chains
- add a cipher.final() method? pycrypto doesn't have it, but it doesn't really conflict with the pycrypto API. It will just extend it
- final() method should use padding. Choose padding function at initialization of the cipher => again: extending the API
- XTS
- XTS-AES? XTS-AES just denotes XTS using AES cipher? Make only that one available (which is the case for the moment)?
- supply XTS keys by splitting 1 big key or by supplying two keys?
- add rijndael instead of only AES
Licenses
- used from python truecrypt implementation
all original code is under MIT license (much freedom according to [1])- pyTwofish (untouched)
python truecrypt author isn't the original author = > extra copyright notice that should be left in place - pyserpent (untouched)
python truecrypt author isn't the original author = > extra copyright notice that should be left in place - XTS (modified)
python truecrypt author is the original author => only MIT License - GF2n.py(untouched)
python truecrypt author is the original author => only MIT License
- pyTwofish (untouched)
- pyblowfish (untouched)
gpl or artistic license
gpl is compatible with public domain
Note from Phil: take care with GPL "viral" behavior, come&talk to me... - rijndael.py (untouched)
using tls lite (public domain) implementation which uses code from Bram Cohen (public domain) - pyDes (untouched)
public domain according to its homepage - blockciphers CBC, ECB, CTR from [2] (modified)
keep copyright notice in place?
Info
Test Vectors
- AES http://cryptome.org/bcm/sp800-38a.htm
- DES (enkel ECB) http://www.skepticfiles.org/faq/testdes.htm
- Blowfish: http://www.schneier.com/code/vectors.txt
- Serpent: http://www.cs.technion.ac.il/~biham/Reports/Serpent/
- Twofish: http://www.schneier.com/code/ecb_ival.txt
- AES, DES, 3DES: http://csrc.nist.gov/groups/STM/cavp/standards.html
-> AES in CBC, CTR, OFB, CFB - AES, DES: http://svn.python.org/projects/external/openssl-0.9.8a/test/evptests.txt
- https://www.cosic.esat.kuleuven.be/nessie/testvectors/
- XTS (AES&TDES): http://www.nuee.nagoya-u.ac.jp/labs/tiwata/omac/omac.html
Chaining Modes
- Wikipedia
- NIST
- XTS:
- CMAC = OMAC1:
- AES-CMAC: http://tools.ietf.org/html/rfc4493#page-2
- NIST:
Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication:SP 800-38B.pdf
Updated CMAC Examples - OMAC.py: http://github.com/jlhutch/jac/tree/master/omac.py
- OMAC page: http://www.nuee.nagoya-u.ac.jp/labs/tiwata/omac/omac.html