From 13f108f926a84eec9c0598164f25cedaece567e3 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Mon, 9 Sep 2013 21:41:03 -0500 Subject: Add ECB class + docs + tests * Slightly refactors test_nist to allow fetching of data that has no IV * Does not modify create_block_cipher_context (next commit) --- docs/primitives/symmetric-encryption.rst | 12 ++++++++++++ 1 file changed, 12 insertions(+) (limited to 'docs/primitives/symmetric-encryption.rst') diff --git a/docs/primitives/symmetric-encryption.rst b/docs/primitives/symmetric-encryption.rst index 1b8d1d73..8a9bbbdf 100644 --- a/docs/primitives/symmetric-encryption.rst +++ b/docs/primitives/symmetric-encryption.rst @@ -67,3 +67,15 @@ Modes ``block_size`` of the cipher. Do not reuse an ``initialization_vector`` with a given ``key``. + + +Insecure Modes +-------------- + +.. class:: cryptography.primitives.block.modes.ECB() + + ECB (Electronic Code Book) is the simplest mode of operation for block + ciphers. The data is separated into blocks and each block is encrypted + separately. This means identical plaintext blocks will always result in + identical encrypted blocks. Due to this property it is not recommended + for use. Really, don't use it. Just. Don't. -- cgit v1.2.3 From 09980a55fe5a3e4f586425a11b20ba89e84d0452 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 10 Sep 2013 08:24:30 -0500 Subject: remove unneeded init in ECB class, add warning to docs for ECB mode --- docs/primitives/symmetric-encryption.rst | 1 + 1 file changed, 1 insertion(+) (limited to 'docs/primitives/symmetric-encryption.rst') diff --git a/docs/primitives/symmetric-encryption.rst b/docs/primitives/symmetric-encryption.rst index 8a9bbbdf..d0429d4b 100644 --- a/docs/primitives/symmetric-encryption.rst +++ b/docs/primitives/symmetric-encryption.rst @@ -72,6 +72,7 @@ Modes Insecure Modes -------------- +.. warning:: Do not use. This is an insecure mode. .. class:: cryptography.primitives.block.modes.ECB() ECB (Electronic Code Book) is the simplest mode of operation for block -- cgit v1.2.3 From cd413a36d3716bf56df7b6e071e57071730d1386 Mon Sep 17 00:00:00 2001 From: Alex Gaynor Date: Tue, 10 Sep 2013 18:59:43 -0700 Subject: Cleaned up the docs for ECB --- docs/primitives/symmetric-encryption.rst | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'docs/primitives/symmetric-encryption.rst') diff --git a/docs/primitives/symmetric-encryption.rst b/docs/primitives/symmetric-encryption.rst index d0429d4b..f028c755 100644 --- a/docs/primitives/symmetric-encryption.rst +++ b/docs/primitives/symmetric-encryption.rst @@ -72,11 +72,15 @@ Modes Insecure Modes -------------- -.. warning:: Do not use. This is an insecure mode. +.. warning:: + + These modes are insecure. New applications should never make use of them, + and existing applications should strongly consider migrating away. + + .. class:: cryptography.primitives.block.modes.ECB() ECB (Electronic Code Book) is the simplest mode of operation for block - ciphers. The data is separated into blocks and each block is encrypted - separately. This means identical plaintext blocks will always result in - identical encrypted blocks. Due to this property it is not recommended - for use. Really, don't use it. Just. Don't. + ciphers. Each block of data is encrypted in the same way. This means + identical plaintext blocks will always result in identical ciphertext + blocks, and thus result in information leakage -- cgit v1.2.3 From 6f412a0fc35386ad980c5b3fa2bdb3c90436f3b6 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 10 Sep 2013 21:30:50 -0500 Subject: add output feedback mode support + test vectors (aes) --- docs/primitives/symmetric-encryption.rst | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'docs/primitives/symmetric-encryption.rst') diff --git a/docs/primitives/symmetric-encryption.rst b/docs/primitives/symmetric-encryption.rst index d0429d4b..7ec42a30 100644 --- a/docs/primitives/symmetric-encryption.rst +++ b/docs/primitives/symmetric-encryption.rst @@ -68,6 +68,19 @@ Modes reuse an ``initialization_vector`` with a given ``key``. +.. class:: cryptography.primitives.block.modes.OFB(initialization_vector) + + OFB (Output Feedback) is a mode of operation for block ciphers. It + transforms a block cipher into a stream cipher. + + :param bytes initialization_vector: Must be random bytes. They do not need + to be kept secret (they can be included + in a transmitted message). Must be the + same number of bytes as the + ``block_size`` of the cipher. Do not + reuse an ``initialization_vector`` with + a given ``key``. + Insecure Modes -------------- -- cgit v1.2.3 From c507412ec09e6fa502fbd8587824901e1cf9a935 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Tue, 10 Sep 2013 22:15:00 -0500 Subject: change OFB iv to nonce to reflect dstufft nomenclature pitch * Namely, we should try to call things IV if reuse leaks a small amount of data and nonce if reuse can result in a complete break. This can be somewhat ambiguous, but we'll track in #58 --- docs/primitives/symmetric-encryption.rst | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) (limited to 'docs/primitives/symmetric-encryption.rst') diff --git a/docs/primitives/symmetric-encryption.rst b/docs/primitives/symmetric-encryption.rst index 7ec42a30..587c94b4 100644 --- a/docs/primitives/symmetric-encryption.rst +++ b/docs/primitives/symmetric-encryption.rst @@ -68,18 +68,16 @@ Modes reuse an ``initialization_vector`` with a given ``key``. -.. class:: cryptography.primitives.block.modes.OFB(initialization_vector) +.. class:: cryptography.primitives.block.modes.OFB(nonce) OFB (Output Feedback) is a mode of operation for block ciphers. It transforms a block cipher into a stream cipher. - :param bytes initialization_vector: Must be random bytes. They do not need - to be kept secret (they can be included - in a transmitted message). Must be the - same number of bytes as the - ``block_size`` of the cipher. Do not - reuse an ``initialization_vector`` with - a given ``key``. + :param bytes nonce: Must be random bytes. They do not need to be kept + secret (they can be included in a transmitted message). + Must be the same number of bytes as the ``block_size`` + of the cipher. Reuse of a ``nonce`` with a given + ``key`` can allow recovery of the original plaintext. Insecure Modes -- cgit v1.2.3 From 4223df72cf3d3566ae8ccbce7d31dbae7ee25cdd Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Wed, 11 Sep 2013 09:48:04 -0500 Subject: add CFB to documentation --- docs/primitives/symmetric-encryption.rst | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'docs/primitives/symmetric-encryption.rst') diff --git a/docs/primitives/symmetric-encryption.rst b/docs/primitives/symmetric-encryption.rst index c4f78a79..be86229b 100644 --- a/docs/primitives/symmetric-encryption.rst +++ b/docs/primitives/symmetric-encryption.rst @@ -79,6 +79,19 @@ Modes of the cipher. Reuse of a ``nonce`` with a given ``key`` can allow recovery of the original plaintext. +.. class:: cryptography.primitives.block.modes.CFB(initialization_vector) + + CFB (Cipher Feedback) is a mode of operation for block ciphers. It + transforms a block cipher into a stream cipher. + + :param bytes initialization_vector: Must be random bytes. They do not need + to be kept secret (they can be included + in a transmitted message). Must be the + same number of bytes as the + ``block_size`` of the cipher. Do not + reuse an ``initialization_vector`` with + a given ``key``. + Insecure Modes -------------- -- cgit v1.2.3 From f1a39bd77ff8ea5fda5a24616c3fc9a9199be633 Mon Sep 17 00:00:00 2001 From: David Reid Date: Wed, 11 Sep 2013 16:28:42 -0700 Subject: OFB uses an initialization vector instead a nonce. --- docs/primitives/symmetric-encryption.rst | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) (limited to 'docs/primitives/symmetric-encryption.rst') diff --git a/docs/primitives/symmetric-encryption.rst b/docs/primitives/symmetric-encryption.rst index be86229b..46d7c07c 100644 --- a/docs/primitives/symmetric-encryption.rst +++ b/docs/primitives/symmetric-encryption.rst @@ -68,16 +68,18 @@ Modes reuse an ``initialization_vector`` with a given ``key``. -.. class:: cryptography.primitives.block.modes.OFB(nonce) +.. class:: cryptography.primitives.block.modes.OFB(initialization_vector) OFB (Output Feedback) is a mode of operation for block ciphers. It transforms a block cipher into a stream cipher. - :param bytes nonce: Must be random bytes. They do not need to be kept - secret (they can be included in a transmitted message). - Must be the same number of bytes as the ``block_size`` - of the cipher. Reuse of a ``nonce`` with a given - ``key`` can allow recovery of the original plaintext. + :param bytes initialization_vector: Must be random bytes. They do not need + to be kept secret (they can be included + in a transmitted message). Must be the + same number of bytes as the + ``block_size`` of the cipher. Do not + reuse an ``initialization_vector`` with + a given ``key``. .. class:: cryptography.primitives.block.modes.CFB(initialization_vector) -- cgit v1.2.3 From dff22d4707a50b8164c5c6acd5521bcd91160cd1 Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Fri, 27 Sep 2013 13:43:06 -0500 Subject: Camellia block cipher support * Tests for CBC, OFB, CFB, and ECB * Tests will be automatically skipped if camellia support is not present in your OpenSSL library (e.g. OS X 10.8 with default OpenSSL) * Test for unsupported cipher in create_block_cipher_context * Docs for the cipher --- docs/primitives/symmetric-encryption.rst | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'docs/primitives/symmetric-encryption.rst') diff --git a/docs/primitives/symmetric-encryption.rst b/docs/primitives/symmetric-encryption.rst index 46d7c07c..c4bbf0a5 100644 --- a/docs/primitives/symmetric-encryption.rst +++ b/docs/primitives/symmetric-encryption.rst @@ -51,6 +51,15 @@ Ciphers :param bytes key: The secret key, either ``128``, ``192``, or ``256`` bits. This must be kept secret. +.. class:: cryptography.primitives.block.ciphers.Camellia(key) + + Camellia is a block cipher approved for use by CRYPTREC and ISO/IEC. + It is considered to have comparable security and performance to AES, but + is not as widely studied or deployed. + + :param bytes key: The secret key, either ``128``, ``192``, or ``256`` bits. + This must be kept secret. + Modes ~~~~~ -- cgit v1.2.3