ietf-openpgp

Re: extensibility & code bloat (Re: PGP cipher tags)

1997-08-08 23:43:32

Death rays from Mars made Adam Back <aba(_at_)dcs(_dot_)ex(_dot_)ac(_dot_)uk> 
write:
 
Assar Westerlund <assar(_at_)sics(_dot_)se> writes:
- If there's a need for more than 256 algorithms, how should these be
coded?  In binary or in ascii?  Fixed length or variable length?
ASCII, variable length.

I was kind of toying with the idea of creating a human readable formal 
grammar which describes algorithm combinations.  Might save multiple entries 
for DES (DES CBC, DES CFB, DES OFB, 3DES-EDE, etc., etc.), and would allow you 
to "implement" a chosen mode just by specifying what mode you wanted DES, and 
how to combine that to multiple key DES. Anyone for outer-CBC 5DES?
 
This gets ugly real quick.  I thought of doing this for cryptlib, something 
like: 
 
  cryptAlgorithm = 3des { mode = cbc, padding = PKCS#5, noKeys = 2 }
  cryptAlgorithm = safer { mode = cfb, keysize = 128, useSaferSK = TRUE }
           
(and even wrote most of a parser for it) but dropped it for a number of 
reasons:
 
1. The code to parse this starts to get scary, because when a (say) dlopen()'d 
module registers a new algorithm it also has to register a grammar to allow 
its config settings to be parsed.  Some of the parsing code may have to reside 
in the crypto module, because the general parser won't be aware of every 
conceivable type of config option and setting in advance.
 
2. This doesn't work well under Windows where config options are held in the 
registry and might be administered by third-party software (for example a 
company might want to have a centrally-enforced policy of "No RSA until 2000", 
which would be controlled by the administrator setting the signAlgorithm to 
ElGamal on all the machines in the domain).  It's easy enough to do this if 
it's an integer, you look up what you want in a table and set the 
"signAlgorithm" key to 17 (or whatever ElGamal is), but if you have to build 
up a huge long text string it gets complicated.  It gets even more complex if 
the policy is "We allow anything nonpatented", because a check like "( id == 
17 || id == 18 )" is a lot easier to perform than one involving 
arbitrarily-formatted strings which can contain God knows what.
 
3. Virtually no one will ever use this capability.  I know from feedback from 
cryptlib users that virtually no one uses the InitEx() functions (which allow 
you to specify special-case parameters), and I can't see this as being any 
different from PGP.  
 
What you'd be doing is adding a lot of extra complications with little overall 
gain (in fact the added complexity is probably going to cause more problems 
than it's worth, not only because of the overhead in managing it but because 
allowing people to specify 7DES/CFB-47 will almost guarantee that anything 
they produce can't be decrypted by anyone else on earth).
 
Peter.
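
The trade-off in points 1 and 2 above, as an added example that is not part of the original message or of cryptlib: an integer ID policy is a set lookup, while the string form needs a strict, fail-closed parser backed by a per-algorithm grammar registry. The registry contents, function names and sample policy are assumptions; 17 and 18 are the message's illustrative IDs.

```python
import re

# Integer form: policy is a set lookup. 17 and 18 are the message's
# illustrative IDs, not real registry assignments.
ALLOWED_IDS = {17, 18}

def id_allowed(alg_id):
    return alg_id in ALLOWED_IDS

# String form: every algorithm registers a grammar for its own options.
# Hypothetical registry; option names come from the message's two examples.
GRAMMARS = {
    "3des": {"mode": {"cbc", "cfb", "ofb"}, "padding": {"pkcs#5"},
             "nokeys": {"2", "3"}},
    "safer": {"mode": {"cbc", "cfb"}, "keysize": {"64", "128"},
              "usesafersk": {"true", "false"}},
}
# Constructed site policy: only 3DES in CBC mode is acceptable.
POLICY = {"3des": {"mode": {"cbc"}}}

DESCRIPTOR = re.compile(r"\s*([A-Za-z0-9]+)\s*\{([^{}]*)\}\s*")
OPTION = re.compile(r"\s*([A-Za-z]+)\s*=\s*([A-Za-z0-9#]+)\s*")

def parse_descriptor(text):
    """Parse 'name { key = value, ... }'; raise ValueError on anything unknown."""
    m = DESCRIPTOR.fullmatch(text)
    if not m:
        raise ValueError("malformed descriptor")
    name = m.group(1).lower()
    grammar = GRAMMARS.get(name)
    if grammar is None:
        raise ValueError("no grammar registered for %r" % name)
    opts = {}
    for part in m.group(2).split(","):
        o = OPTION.fullmatch(part)
        if not o:
            raise ValueError("malformed option %r" % part.strip())
        key, val = o.group(1).lower(), o.group(2).lower()
        if key in opts or val not in grammar.get(key, ()):
            raise ValueError("rejected option %s=%s" % (key, val))
        opts[key] = val
    return name, opts

def descriptor_allowed(text, policy=POLICY):
    """Policy check on the string form; fails closed on any parse error."""
    try:
        name, opts = parse_descriptor(text)
    except ValueError:
        return False
    rules = policy.get(name)
    return rules is not None and all(opts.get(k) in v for k, v in rules.items())
```

A descriptor such as "7des { mode = cfb-47 }" is refused at the parsing stage because no grammar is registered for it, before the policy is consulted.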
 