Difference between revisions of "PyCryptoPlus"
Jump to navigation
Jump to search
m (→Chaining Modes) |
m (→Chaining Modes) |
||
Line 51: | Line 51: | ||
** AES-CMAC: http://tools.ietf.org/html/rfc4493#page-2 |
** AES-CMAC: http://tools.ietf.org/html/rfc4493#page-2 |
||
** NIST:<br>Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication:[http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf SP 800-38B.pdf]<br>[http://csrc.nist.gov/publications/nistpubs/800-38B/Updated_CMAC_Examples.pdf Updated CMAC Examples] |
** NIST:<br>Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication:[http://csrc.nist.gov/publications/nistpubs/800-38B/SP_800-38B.pdf SP 800-38B.pdf]<br>[http://csrc.nist.gov/publications/nistpubs/800-38B/Updated_CMAC_Examples.pdf Updated CMAC Examples] |
||
− | ** OMAC.py: http://github.com/jlhutch/jac/tree/ |
+ | ** OMAC.py: http://github.com/jlhutch/jac/tree/master/omac.py |
Revision as of 09:08, 2 September 2008
Back to SAGE & cryptology
Differences with pycrypto
- ciphers from pycrypto are being used with the python chaining modes and not the original pycrypto ones
=> plaintext can be supplied in arbitrary sizes instead of multiples of the blocksize like in pycrypto: the new chaining modes keep a cache to encrypt/decrypt data once the cachesize holds at least a blocksize of data - new possibilities:
- Serpent, Twofish
- CMAC, XTS, CTR mod
TODO
- add chaining modes: CMAC, CTR mod?
- further importing of pycrypto
- make test vectors available as variables
- add tests:
- CBC for serpent, twofish, blowfish
- XTS is only tested by comparing deciphered ciphertext, not by checking ciphertext
- check other implementation of Blowfish
- final() method of chains
- add a cipher.final() method? pycrypto doesn't have it, but it doesn't really conflict with the pycrypto API. It will just extend it
- final() method should use padding. Choose padding function at initialization of the cipher => again: extending the API
- XTS <-> XTS-AES?
XTS-AES just denotes XTS using AES cipher? Make only that one available? - add rijndael instead of only AES
Licenses
- used from python truecrypt implementation
all original code is under MIT license (much freedom according to [1])- pyTwofish (untouched)
python truecrypt author isn't the original author = > extra copyright notice that should be left in place - pyserpent (untouched)
python truecrypt author isn't the original author = > extra copyright notice that should be left in place - XTS (modified)
python truecrypt author is the original author => only MIT License - GF2n.py(untouched)
python truecrypt author is the original author => only MIT License
- pyTwofish (untouched)
- pyblowfish (untouched)
gpl or artistic license
gpl is compatible with public domain
Note from Phil: take care with GPL "viral" behavior, come&talk to me... - rijndael.py (untouched)
using tls lite (public domain) implementation which uses code from Bram Cohen (public domain) - pyDes (untouched)
public domain according to its homepage - blockciphers CBC, ECB, CTR from [2] (modified)
keep copyright notice in place?
Info
Test Vectors
- AES http://cryptome.org/bcm/sp800-38a.htm
- DES (enkel ECB) http://www.skepticfiles.org/faq/testdes.htm
- Blowfish: http://www.schneier.com/code/vectors.txt
- Serpent: http://www.cs.technion.ac.il/~biham/Reports/Serpent/
- Twofish: http://www.schneier.com/code/ecb_ival.txt
- AES, DES, 3DES: http://csrc.nist.gov/groups/STM/cavp/standards.html
-> AES in CBC, CTR, OFB, CFB - AES, DES: http://svn.python.org/projects/external/openssl-0.9.8a/test/evptests.txt
- https://www.cosic.esat.kuleuven.be/nessie/testvectors/
Chaining Modes
- Wikipedia
- NIST
- XTS:
- CMAC = OMAC1:
- AES-CMAC: http://tools.ietf.org/html/rfc4493#page-2
- NIST:
Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication:SP 800-38B.pdf
Updated CMAC Examples - OMAC.py: http://github.com/jlhutch/jac/tree/master/omac.py