Update of /project/crypticl/cvsroot/crypticl/doc
In directory clnet:/tmp/cvs-serv5500/doc

Modified Files:
	USERGUIDE TODO ChangeLog
Log Message:
Replaced secure PRNG based on SHA-1 with 128 bits AES in counter mode. Should be 256 bits, but seems to be a bug in AES key expansion.
--- /project/crypticl/cvsroot/crypticl/doc/USERGUIDE 2007/01/20 15:35:00 1.4 +++ /project/crypticl/cvsroot/crypticl/doc/USERGUIDE 2007/01/24 21:45:12 1.5 @@ -68,12 +68,13 @@ "a9993e364706816aba3e25717850c26c9cd0d89d"
Implementation note: -There is a semantic difference between calling hash on a -hash object with no data and calling hash on an empty byte vector. Calling -hash on an empty object is more likely to be a user error and hence returns -nil. Calling hash on an empty byte vector on the other hand, may simply mean -that we got very short input and hence returns the initial state of the SHA-1 -algorithm (which is a valid 160 bits byte vector). + +There is a semantic difference between calling hash on a hash object with no +data and calling hash on an empty byte vector. Calling hash on an empty object +is more likely to be a user error and hence returns nil. Calling hash on an +empty byte vector on the other hand, may simply mean that we got very short +input and hence returns the initial state of the SHA-1 algorithm (which is a +valid 160 bits byte vector).
The object oriented interface introduced above is built on top of low level function primitives for each algorithm. Sometimes it's easier to work directly --- /project/crypticl/cvsroot/crypticl/doc/TODO 2007/01/21 01:15:22 1.5 +++ /project/crypticl/cvsroot/crypticl/doc/TODO 2007/01/24 21:45:12 1.6 @@ -1,11 +1,14 @@ TODO list for Crypticl ======================
--Get high entropy seed for PRNG on Windows +-bug in AES key expansion for 256-bit keys, maybe others. More test +cases needed. +-Get high entropy seed for PRNG on Windows (native API CryptGenRandom, +Advapi32.dll, Wincrypt.h,) -Replace use of SHA-1 in PRNG with a block cipher (AES) in counter mode. -Study the Fortuna PRNG. -more example applications to test and improve the api -SHA-512? --Document how to run the full test set. - +-Document how to run the full test set (when porting to new platform). +-only use hex and hexo, not the long versions.
--- /project/crypticl/cvsroot/crypticl/doc/ChangeLog 2007/01/17 22:00:57 1.15 +++ /project/crypticl/cvsroot/crypticl/doc/ChangeLog 2007/01/24 21:45:12 1.16 @@ -1,3 +1,8 @@ +24-01-2007 Taale Skogan + Replaced secure PRNG based on SHA-1 with 128 bits AES in counter + mode. Should be 256 bits, but seems to be a bug in AES key + expansion. + 17-01-2007 Taale Skogan Removed email addresses (spam).
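
Review bot: In the USERGUIDE hunk, the reflowed implementation note still says that hashing an empty byte vector "returns the initial state of the SHA-1 algorithm", which does not match SHA-1 as specified. The empty message is still padded and run through one compression round, so its digest is da39a3ee5e6b4b0d3255bfef95601890afd80709, not the initial chaining values. Since the paragraph is being touched anyway, either correct the wording or, if the implementation really returns the initial state, add that to the TODO as a bug. The same paragraph documents a silent nil return for an empty hash object; it is worth saying that callers must check for nil before using the result as a digest. "160 bits byte vector" should read "160-bit byte vector".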
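
Review bot: In the TODO hunk, the unchanged item "-Replace use of SHA-1 in PRNG with a block cipher (AES) in counter mode." stays in the list although the log message says that replacement has now been made; remove it, or reword it to track the remaining move from 128-bit to 256-bit keys. The new first item says "More test cases needed" without naming any: FIPS-197 Appendix A gives key expansion vectors for 128-, 192- and 256-bit keys, and listing them here would make the item actionable and would settle the "maybe others" question. The Windows seed item has a stray comma before the closing parenthesis ("Wincrypt.h,)").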
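
Review bot: In the ChangeLog hunk, the new entry records a suspected AES key expansion bug but does not say whether the 128-bit key schedule the PRNG now depends on has been checked, while the TODO hunk in the same commit says the bug may affect "maybe others". State in the entry that the 128-bit path passes known-answer tests, or note that it is unverified, so readers of the ChangeLog know how far to trust the PRNG output from this revision. A pointer to the TODO item for the 256-bit fix would also help anyone tracking when the generator reaches its intended key size.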