Geek Answers Handbook

AES, Serpent or Twofish in the example?

I found many implementations of AES, Twofish and Serpent in C. But I really don't understand the examples. I only understand that some where examples are given for inverting the matrix.

Can someone give me an example or .c file to encrypt / decrypt the data represented by char* and password?

+8
c encryption aes
source share
3 answers

The Wikipedia article does refer to a great tutorial ( X-N20 ) written in C that guides you through Maths and provides a C implementation on the go, which is very useful for understanding the process. I also recommend reading the final field arithmetic .

Serpent and Twofish , skipping the name AES, are not well documented on the Internet. Remember that each of them provides reference implementations.

In fact, their implementation will require a study of their respective documents and, possibly, the source code.

Please note that your 20 billion comments are related to the fact that the NIST interface specified for AES was that each cipher provides a 128-bit (16-byte) input block and one of the 128-bit, 192-bit and 256-bit key blocks.

To safely encrypt in such a way as to properly resist cryptanalysis, you need some careful work. For example, what if a few bytes are missing in the last block? How do you put on a pillow? Similarly, depending on the intended use, other schemes exist, especially for large repetitive data, designed to counteract cryptanalysis when you know that the encrypted data probably contains the contents of c:\windows . What commentators strive for is that for any use in the real world, to stay safe, these things need to be considered.

Change Since there is another question in this question, here are some links:

  • Brian Gladman ASM / C code for various cryptographic algorithms, including AES, SHA and Serpent.
  • OpenSSL AES code in their CVS. See Also DES . They do not use the Snake. You can also see the rest of your code in the crypto section.
  • Crypto ++ . If you can use C ++ and are only the end user of cryptography, then you need this library (tm). There are algorithms that I have never heard of. Their trunk line is SVN .
  • libgcrypt provides a whole set of cryptographic functions for gpg . In particular, if you are after AES, you may not find it here, but you will find camellias and snakes.
+8
source share

Trying to answer the killercode β€œno answer” killercode , here is my attempt to achieve the same:

  • Download this TwoFish code (thanks to Schneier et al.): Https://www.schneier.com/code/twofish-reference-c.zip

  • Use this code (at your own risk, of course):

     int mode = MODE_CBC; int keySize = 256; int result = 0; keyInstance ki; /* key information, including tables */ cipherInstance ci; /* keeps mode (ECB, CBC) and IV */ BYTE plainText[MAX_BLK_CNT*(BLOCK_SIZE / 8)]; // 64 in size! BYTE cipherText[MAX_BLK_CNT*(BLOCK_SIZE / 8)]; BYTE decryptOut[MAX_BLK_CNT*(BLOCK_SIZE / 8)]; BYTE iv[BLOCK_SIZE / 8]; int i; /* select number of bytes to encrypt (multiple of block) */ /* eg, byteCnt = 16, 32, 48, 64 */ //byteCnt = (BLOCK_SIZE / 8) * (1 + (rand() % MAX_BLK_CNT)); /* generate test data */; int plainTextLength = 65; for (i = 0; i < min(plainTextLength, MAX_BLK_CNT*(BLOCK_SIZE / 8)); i++) plainText[i] = (BYTE)rand(); if (plainTextLength > MAX_BLK_CNT * BLOCK_SIZE / 8) { ::MessageBox(NULL, _T("You need to increase your MAX_BLK_CNT for the plain-text to fit in one call."), _T("Error"), MB_OK); return; } int byteCnt = ceil((double)plainTextLength / (BLOCK_SIZE / 8.0)) * (BLOCK_SIZE / 8); /* ----------------------- */ /* 'dummy' setup for a 128-bit key */ if (makeKey(&ki, DIR_ENCRYPT, keySize, NULL) != TRUE) result = 1; /* ----------------------- */ /* 'dummy' setup for cipher */ if (cipherInit(&ci, mode, NULL) != TRUE) result = 1; /* select key bits */ for (i = 0; i < keySize / 32; i++) ki.key32[i] = 0x10003 * rand(); /* run the key schedule */ reKey(&ki); /* set up random iv (if needed)*/ if (mode != MODE_ECB) { for (i = 0; i < sizeof(iv); i++) iv[i] = (BYTE)rand(); /* copy the IV to ci */ memcpy(ci.iv32, iv, sizeof(ci.iv32)); } /* encrypt the bytes */ if (blockEncrypt(&ci, &ki, plainText, byteCnt * 8, cipherText) != byteCnt * 8) result = 1; /* ----------------------- */ /* decrypt the bytes */ if (mode != MODE_ECB) /* first re-init the IV (if needed) */ memcpy(ci.iv32, iv, sizeof(ci.iv32)); if (blockDecrypt(&ci, &ki, cipherText, byteCnt * 8, decryptOut) != byteCnt * 8) result = 1; /* make sure the decrypt output matches original plaintext */ if (memcmp(plainText, decryptOut, byteCnt)) result = 1; if (result == 0) ::MessageBox(NULL, _T("Success"), _T("SUCCESS"), MB_OK);

It was my attempt, and it seems not bad.

CBC mode is used.

I am open to suggestions if anyone has.

Of course, you can make the MAX_BLK_CNT variable and increase it accordingly to be able to encrypt multiple data lengths. Although I'm not 100% sure if this is normal use.

Cheer! :)

+1
source share

Download OpenSSL / Putty / GnuPG sources. All of them contain the source of the corresponding encryption algorithm. In addition, each algorithm has a reference implementation in C, which can be easily found over the Internet.

0
source share

Source: https://habr.com/ru/post/651053/

More articles:


All Articles