From d0ec60e7d671bb1f927cd711949d95441d947933 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 16 Oct 2013 08:46:50 -0500 Subject: AES Counter support * vectors from RFC 3686 * Documentation for the mode --- docs/primitives/symmetric-encryption.rst | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'docs/primitives/symmetric-encryption.rst') diff --git a/docs/primitives/symmetric-encryption.rst b/docs/primitives/symmetric-encryption.rst index c4bbf0a5..52bd6a40 100644 --- a/docs/primitives/symmetric-encryption.rst +++ b/docs/primitives/symmetric-encryption.rst @@ -77,6 +77,19 @@ Modes reuse an ``initialization_vector`` with a given ``key``. +.. class:: cryptography.primitives.block.modes.CTR(nonce) + + CTR (Counter) is a mode of operation for block ciphers. It is considered + cryptographically strong. + + :param bytes nonce: Must be random bytes. They do not need to be kept + secret (they can be included in a transmitted + message). Must be the same number of bytes as the + ``block_size`` of the cipher. It is critical to + never reuse a ``nonce`` with a given ``key``. Unlike + CBC, reusing a nonce compromises the security of + all data encrypted under the key (see: two time pad). + .. class:: cryptography.primitives.block.modes.OFB(initialization_vector) OFB (Output Feedback) is a mode of operation for block ciphers. It -- cgit v1.2.3 From 389892f8ad5700b152d20948ded9c540b2cdaff8 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 16 Oct 2013 13:20:50 -0500 Subject: update docs to roughly describe many time pad attack & link cbc --- docs/primitives/symmetric-encryption.rst | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'docs/primitives/symmetric-encryption.rst') diff --git a/docs/primitives/symmetric-encryption.rst b/docs/primitives/symmetric-encryption.rst index 52bd6a40..9520d6eb 100644 --- a/docs/primitives/symmetric-encryption.rst +++ b/docs/primitives/symmetric-encryption.rst @@ -87,8 +87,11 @@ Modes message). Must be the same number of bytes as the ``block_size`` of the cipher. It is critical to never reuse a ``nonce`` with a given ``key``. Unlike - CBC, reusing a nonce compromises the security of - all data encrypted under the key (see: two time pad). + :class:`~cryptography.primitives.block.modes.CBC`, + reusing a nonce compromises the security of all data + encrypted under the key. Specifically, + (pt1 xor keystream) xor (pt2 xor keystream) is + equivalent to (pt1 xor pt2). .. class:: cryptography.primitives.block.modes.OFB(initialization_vector) -- cgit v1.2.3 From 0ba2f9464693fe7ae0167eb47df9b1a96408ed9c Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Thu, 17 Oct 2013 12:06:46 -0500 Subject: remove confusing explanation about reusing nonce in counter mode docs --- docs/primitives/symmetric-encryption.rst | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'docs/primitives/symmetric-encryption.rst') diff --git a/docs/primitives/symmetric-encryption.rst b/docs/primitives/symmetric-encryption.rst index 9520d6eb..21421d16 100644 --- a/docs/primitives/symmetric-encryption.rst +++ b/docs/primitives/symmetric-encryption.rst @@ -89,9 +89,7 @@ Modes never reuse a ``nonce`` with a given ``key``. Unlike :class:`~cryptography.primitives.block.modes.CBC`, reusing a nonce compromises the security of all data - encrypted under the key. Specifically, - (pt1 xor keystream) xor (pt2 xor keystream) is - equivalent to (pt1 xor pt2). + encrypted under the key. .. class:: cryptography.primitives.block.modes.OFB(initialization_vector) -- cgit v1.2.3 From 4506428ad913d183ad90c0fed668745a6d2aaf33 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Thu, 17 Oct 2013 13:41:53 -0500 Subject: ctr doc language take 3 --- docs/primitives/symmetric-encryption.rst | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) (limited to 'docs/primitives/symmetric-encryption.rst') diff --git a/docs/primitives/symmetric-encryption.rst b/docs/primitives/symmetric-encryption.rst index 21421d16..a1f8ba32 100644 --- a/docs/primitives/symmetric-encryption.rst +++ b/docs/primitives/symmetric-encryption.rst @@ -77,19 +77,25 @@ Modes reuse an ``initialization_vector`` with a given ``key``. + .. class:: cryptography.primitives.block.modes.CTR(nonce) + .. warning:: + + Counter mode is not recommended for use with block ciphers that have a + block size of less than 128-bits. + CTR (Counter) is a mode of operation for block ciphers. It is considered cryptographically strong. - :param bytes nonce: Must be random bytes. They do not need to be kept - secret (they can be included in a transmitted - message). Must be the same number of bytes as the - ``block_size`` of the cipher. It is critical to - never reuse a ``nonce`` with a given ``key``. Unlike - :class:`~cryptography.primitives.block.modes.CBC`, - reusing a nonce compromises the security of all data - encrypted under the key. + :param bytes nonce: Recommended to be random. It is critical to never reuse + a ```nonce``` (or its subsequent incremented values) + with a given key. Any reuse of the nonce with the same + key compromises the security of every message encrypted + with that key. Must be the same number of bytes as the + ```block_size``` of the cipher with a given key. The + nonce does not need to be kept secret and may be + included alongside the ciphertext. .. class:: cryptography.primitives.block.modes.OFB(initialization_vector) -- cgit v1.2.3 From 89b3dd38c32b19853d24caa0f091a0dd78e54084 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Thu, 17 Oct 2013 14:02:45 -0500 Subject: additional doc work on ctr --- docs/primitives/symmetric-encryption.rst | 15 +++++++-------- 1 file changed, 7 insertions(+), 8 deletions(-) (limited to 'docs/primitives/symmetric-encryption.rst') diff --git a/docs/primitives/symmetric-encryption.rst b/docs/primitives/symmetric-encryption.rst index a1f8ba32..7899e67d 100644 --- a/docs/primitives/symmetric-encryption.rst +++ b/docs/primitives/symmetric-encryption.rst @@ -88,14 +88,13 @@ Modes CTR (Counter) is a mode of operation for block ciphers. It is considered cryptographically strong. - :param bytes nonce: Recommended to be random. It is critical to never reuse - a ```nonce``` (or its subsequent incremented values) - with a given key. Any reuse of the nonce with the same - key compromises the security of every message encrypted - with that key. Must be the same number of bytes as the - ```block_size``` of the cipher with a given key. The - nonce does not need to be kept secret and may be - included alongside the ciphertext. + :param bytes nonce: Should be random bytes. It is critical to never reuse a + ``nonce`` with a given key. Any reuse of a nonce + with the same key compromises the security of every + message encrypted with that key. Must be the same + number of bytes as the ``block_size`` of the cipher + with a given key. The nonce does not need to be kept + secret and may be included alongside the ciphertext. .. class:: cryptography.primitives.block.modes.OFB(initialization_vector) -- cgit v1.2.3