nettle-bugs March 2011

nettle-bugs@lists.lysator.liu.se

6 participants
7 discussions

Re: Serpent
by nisse＠lysator.liu.se 16 Apr '11

16 Apr '11

Simon Josefsson <simon(a)josefsson.org> writes: > nisse(a)lysator.liu.se (Niels Möller) writes: > >> Maybe you can try adding some of the testvectors at >> http://www.cs.technion.ac.il/~biham/Reports/Serpent/ to nettle and >> libgcrypt, and see what happens? (On the nettle side, I'll try to give >> that a reasonably high priority). > > As you noted privately, they fail in nettle but work in libgcrypt. A while ago, the email masquerading setup was … [View More]broken on the machine where I write email. Because of this, the invalid adress nettle-bugs(a)lysator.liu.se has appeared in headers of some of my emails, and then copied into replies to those. The correct address is nettle-bugs(a)lists.lysator.liu.se. > According to Eli's page and the AES submission paper, there is Serpent-0 > and Serpent-1 and the paper discuss (page 22-23) that the key schedule > has changed. Do you think nettle's implementation is serpent-0, or is it just broken? I'm puzzled, because I'm fairly sure I got the test vectors from serpent's submission package (I could try to double check that), which if I understand correctly ought to be serpent-1. I vaguely remember I had some difficulty understanding the organization of the test data, though. And I'm sorry if you have wasted some time debugging fully correct key scheduling. > I updated the wikipedia article on this: > http://en.wikipedia.org/wiki/Serpent_%28cipher%29 Hmm, I can't find any mention of serpent-0 there? > Still, I'm not sure it is worth the time to fix Serpent in Nettle. I > suggest to remove it, that will save some code size as well. It's clearly no use to keep the current broken implementation. But I think it would be nice to have serpent, for a couple of reasons: * It's generally good to have a couple of ciphers with aes-compatible key and block sizes. Besides aes/rijndael and serpent, there's twofish and camellia. * I'm not sure what performance one can get out of serpent compared to aes, in particular on 64-bit processors. AES doesn't fit well with 64-bit operations, camellia is better in that respect but includes some awkward operations (current 64-bit code could perhaps be improved abit using larger tables). * I'd prefer to not remove existing features. If you have a half-done port of libgrypt's serpent code, maybe you or I could finish it? I'll start by looking into the test vectors, I'd like to figure out where nettle's came from, and I'd like to have a serpent-test.c including correct test vectors, even if we end up removing all other serpent code. Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26. Internet email is subject to wholesale government surveillance. [View Less]

5 11

struct nettle_cipher for weak-key ciphers
by Daniel Kahn Gillmor 01 Apr '11

01 Apr '11

hi nettle folks-- now that Crypt::Nettle seems effective and functional, i'm starting to look at using it in other systems i'm working on. Suddenly, i realize i'm missing access to 3DES and BLOWFISH, which i find i actually want :/ I'm missing them because there is no struct nettle_cipher for these algorithms (or for DES, for that matter, though i care less about DES). I seem to have a few options: 0) Crypt::Nettle could write unique interfaces to those ciphers and expose them to the user … [View More]

3 8

weak-key ciphers and arcfour
by Daniel Kahn Gillmor 29 Mar '11

29 Mar '11

hi nettle folks-- the nettle docs say: > In Nettle, most key setup functions have no return value, but > for ciphers with weak keys, the return value indicates whether or not > the given key is weak. [...] > A problem is that the key > setup of ARCFOUR is quite weak, you should never use keys with > structure, keys that are ordinary passwords, or sequences of keys like > ``secret:1'', ``secret:2'', ... [...] > void arcfour_set_key (struct arcfour_ctx *ctx, … [View More]

3 4

developing nettle with git
by Daniel Kahn Gillmor 29 Mar '11

29 Mar '11

hi folks-- I'm managing my nettle work via git. I've extracted the cvs history of the upstream repo (nettle-only -- i'd rather not deal with all of lsh) and imported it into git. OF at all possible I plan to keep the "origin" branch up-to-date with the upstream CVS. Anyone who prefers to use git is welcome to use my repo as a jumping off point so you don't have to hassle with git cvsimport yourself. You can find it here: git clone git://lair.fifthhorseman.net/~dkg/nettle I would be … [View More]

5 14

making algorithms in nettle dynamically enumerable
by Daniel Kahn Gillmor 23 Mar '11

23 Mar '11

Hi Nettle folks-- In the course of writing Crypt::Nettle, it occurs to me that i'm going to need to update the list of available ciphers and digests for each new version of nettle that comes out. This also means that newer versions of the perl bindings won't work by default against older versions of libnettle, which seems like it might make the perl bindings less useful for people who are stuck (for whatever reason) with an older version of libnettle. The attached patch would present an … [View More]

3 12

typo in manual for arctwo
by Daniel Kahn Gillmor 21 Mar '11

21 Mar '11

Hi Nettle folks-- There's a typo in the Nettle manual about the ARCTWO block size. the attached patch (against 2.1) should fix it. Of course, it might already be fixed on the development trunk. Is there a public revision control system for nettle someplace i can look at? --dkg PS i sent this message earlier PGP/MIME-signed, but it was rejected by the mailing list with "After content filtering, the message was empty" -- could the content filtering be relaxed a little bit to allow … [View More]

2 4

nettle perl bindings
by Daniel Kahn Gillmor 18 Mar '11

18 Mar '11

Hi Nettle Folks-- I'm building Perl bindings for libnettle. I hope to claim the Crypt::Nettle namespace. The project is in its infancy, but i currently have coverage for all hash functions and ciphers. My next steps are adding bindings for Yarrow and RSA. At the moment, my source code is available via git: git clone git://lair.fifthhorseman.net/~dkg/libcrypt-nettle-perl You can test it with: cd libcrypt-nettle-perl perl Makefile.PL make make test You can read the docs with: … [View More]

4 13

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

nettle-bugs March 2011