ietf-openpgp

Re: extensibility & code bloat (Re: PGP cipher tags)

1997-08-09 07:53:26
At 06:47 PM 8/9/97, Peter Gutmann wrote:

Death rays from Mars made Adam Back <aba(_at_)dcs(_dot_)ex(_dot_)ac(_dot_)uk> write:

Assar Westerlund <assar(_at_)sics(_dot_)se> writes:
- If there's a need for more than 256 algorithms, how should these be
coded?  In binary or in ascii?  Fixed length or variable length?
ASCII, variable length.

I was kind of toying with the idea of creating a human readable formal
grammar which describes algorithm combinations.  Might save multiple
entries for DES (DES CBC, DES CFB, DES OFB, 3DES-EDE, etc., etc.), and
would allow you to "implement" a chosen mode just by specifying what mode
you wanted DES, and how to combine that to multiple key DES. Anyone for
outer-CBC 5DES?

This gets ugly real quick.  I thought of doing this for cryptlib, something 
like: 

 cryptAlgorithm = 3des { mode = cbc, padding = PKCS#5, noKeys = 2 }
 cryptAlgorithm = safer { mode = cfb, keysize = 128, useSaferSK = TRUE }
          
(and even wrote most of a parser for it) but dropped it for a number of 
reasons:

1. The code to parse this starts to get scary, because when a (say)
dlopen()'d module registers a new algorithm it also has to register a
grammar to allow its config settings to be parsed.  Some of the parsing
code may have to reside in the crypto module, because the general parser
won't be aware of every conceivable type of config option and setting in
advance.

On the other hand, if you have an ASCII string descriptor for each
algorithm permutation (such as "3DES-3Key-CFB") and a set of plug-ins that
each handle a set of permutations, (one does "RC4-128", "RC4-64", and
"RC4-40", another does "IDEA-PGP" and "IDEA-CFB", another does "FEAL-NSA",
etc.) then writing code that invokes the correct plug-in and passes it the
descriptor string and other data is fairly straightforward.

Given the average public key size seems to be about 1024 bits (128
bytes/octets), there is certainly room for a string descriptor for the
encryption algorithm/mode, the session key, the signature algorithm/mode,
and the ID/fingerprint of the signature key in the public key encrypted
portion of the message header.

For example:
 9 bytes: "IDEA-PGP" (length + 8 data bytes)
17 bytes: IDEA session key (length + 16 data bytes)
 8 bytes: "ElGamal" (length + 7 data bytes)
21 bytes: signature key fingerprint (length + 20 data bytes)
55 bytes total.

This would still leave 73 bytes for random padding or other purposes.


Jonathan Wienke

What part of "the right of the people to keep and bear Arms, shall not be
infringed" is too hard to understand? (From 2nd Amendment, U.S. Constitution)

PGP 2.6.2 RSA Key Fingerprint: 7484 2FB7 7588 ACD1  3A8F 778A 7407 2928
DSS/D-H Key Fingerprint: 3312 6597 8258 9A9E D9FA  4878 C245 D245 EAA7 0DCC
Public keys available at pgpkeys.mit.edu. PGP encrypted e-mail preferred.

US/Canadian Windows 95/NT or Mac users:
Get Eudora Light + PGP 5.0 for free at http://www.eudora.com/eudoralight/
Get PGP 5.0 for free at http://bs.mit.edu:8001/pgp-form.html
Commercial version of PGP 5.0 and related products at http://www.pgp.com
Eudora + PGP = Free, Convenient Communication Privacy

Go postal! Write your mommy a letter!

Attachment: pgpwSLtnLF8oL.pgp
Description: PGP signature
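
The length-prefixed layout and descriptor-string dispatch proposed in the message above, as an added example that is not part of the original post or of any PGP implementation. The plug-in names, the registry and the function names are hypothetical, and the session key and fingerprint are constructed random bytes.

```python
import os

BLOCK_LEN = 128  # 1024-bit public-key block, as in the message

# Hypothetical plug-in table: each plug-in claims the descriptors it handles.
PLUGINS = {
    "idea_plugin": {"IDEA-PGP", "IDEA-CFB"},
    "rc4_plugin": {"RC4-128", "RC4-64", "RC4-40"},
}

def pack_fields(fields):
    """Encode each field as one length octet followed by the data."""
    out = bytearray()
    for data in fields:
        if not 0 < len(data) <= 255:
            raise ValueError("field must be 1..255 octets")
        out.append(len(data))
        out += data
    return bytes(out)

def parse_fields(buf, count):
    """Decode `count` length-prefixed fields, never reading past the buffer."""
    fields, pos = [], 0
    for _ in range(count):
        if pos >= len(buf):
            raise ValueError("truncated header: missing length octet")
        n = buf[pos]
        pos += 1
        if n == 0 or pos + n > len(buf):
            raise ValueError("field length runs past end of header")
        fields.append(buf[pos:pos + n])
        pos += n
    return fields, pos

def select_plugin(descriptor):
    """Exact-match the ASCII descriptor; unknown names are rejected."""
    try:
        name = descriptor.decode("ascii")
    except UnicodeDecodeError:
        raise ValueError("descriptor is not ASCII")
    for plugin, handled in PLUGINS.items():
        if name in handled:
            return plugin
    raise LookupError("no plug-in handles " + repr(name))

def build_example_header():
    """The four fields from the message, then random padding to 128 octets."""
    fields = [b"IDEA-PGP", os.urandom(16), b"ElGamal", os.urandom(20)]
    header = pack_fields(fields)
    return header, header + os.urandom(BLOCK_LEN - len(header))
```

The parser treats every length octet as untrusted and checks it against the remaining buffer before slicing, and the dispatcher fails closed on a descriptor that no registered plug-in claims.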
