libmcrypt Unified Block and Stream Encryption

Author:: Nikos Mavroyanopoulos <nmav@hellug.gr>
Main contributors: Sascha Schumann <sascha@schumann.cx>, Steve Underwood <steveu@infowebtelecom.com>, Igor Schein <igor@txc.com>, Alexander Demenshin <aldem@techie.com>, Koblinger Egmont <egmont@fazekas.hu>, Larry Snyder <larrys@lexis-nexis.com>, Robin Humble <rjh@pixel.maths.monash.edu.au>, Janusz A. Urbanowicz <alex@bofh.net.pl>, Dan Stromberg <strombrg@nis.acs.uci.edu>, R Sriram <rsriram@krdl.org.sg>, Robert Hanzlik <robi@junyks.cz>, Lars Nordentoft <lntech@post9.tele.dk>, Don Sutherland <dss@yadda.net>, Salvatore Sanfilippo <antirez@linuxcare.com>, Jerome Bertorelle <jerome.bertorelle@noos.fr>, Andrew Libby <alibby@commnav.com>, Jonathan Woolmington <jwool@ind.tansu.com.au>, Sami Farin <sfarin@ratol.fi>, Barton C Massey <bart@cs.pdx.edu>, Derick Rethans <d.rethans@jdimedia.nl>, Phillip Oleson <poleson@verio.net>, Bernard Guillot <bguillot@incoretech.com>, Stefan Hetzl <shetzl@teleweb.at>, Gustavo Niemeyer <niemeyer@conectiva.com>, Germano Rizzo <mano@pluto.linux.it>, Ilia A. <ilia@prohost.org>

Date:: 2000-2003

Note:

They designed the crypto algorithms (Thanks to all of them):

DES: IBM Corp and NSA (American National Security Agency)
Lucifer: (the algorithm that DES is based on): Roy Adler, Don Coppersmith, Horst Feistel, Edna Grossman, Alan Konheim, Carl Meyer, Bill Notz, Lynn Smith, Walt Tuchman and Bryant Tuckerman.
CAST-128/CAST-256: Carlisle Adams
xTEA: David Wheeler & Roger M. Needham
3-WAY: Joan Daemen
Blowfish: Bruce Schneier
Twofish: Bruce Schneier, Doug Whiting, John Kelsey, Chris Hall, David Wagner
GOST: A.Zabotin, G.P. Glazkov, and V.B. Isaeva
SAFER: J.L. Massey
RC2/RC4: Ron Rivest
LOKI97: Lawrie Brown, Josef Pieprzyk

LibMcrypt Presentation

Libmcrypt is a thread-safe library providing a uniform interface to access several block and stream encryption algorithms. Check the manual page for more information on libmcrypt.
Look at COPYING in the archive for license information and the individual files for more information. COPYING applies only for the mcrypt program and not the algorithms which most of them are public domain.

A mailing list on mcrypt is mcrypt-dev@lists.hellug.gr Subscribe by visiting http://lists.hellug.gr/mailman/listinfo/mcrypt-dev
cast-256 and rc6 alogorithms do not work properly on Alpha (64 bits) architecture with some compilers. Compile the library in 32 bit mode to resolve the problem.
LAB Main Introduction

LibMcrypt algorithms

The libmcrypt is a data encryption library. The library is thread safe and provides encryption and decryption functions. This version of the library supports many encryption algorithms and encryption modes. Some algorithms which are supported: SERPENT, RIJNDAEL, 3DES, GOST, SAFER+, CAST-256, RC2, XTEA, 3WAY, TWOFISH, BLOWFISH, ARCFOUR, WAKE and more.

OFB, CBC, ECB, nOFB, nCFB and CFB are the modes that all algorithms may function. ECB, CBC, encrypt in blocks but CTR, nCFB, nOFB, CFB and OFB in bytes (streams). Note that CFB and OFB in the rest of the document represent the "8bit CFB or OFB" mode. nOFB and nCFB modes represents a n-bit OFB/CFB mode, n is used to represent the algorithm’s block size. The library supports an extra STREAM mode to include some stream algo- rithms like WAKE or ARCFOUR.

In this version of the library all modes and algorithms are modular, which means that the algorithm and the mode is loaded at run-time. This way you can add algorithms and modes faster, and much easier.

Symmetric Algorithms

LibMcrypt includes the following symmetric (block) algorithms:

DES: The traditional DES algorithm designed by IBM and US NSA. Uses 56 bit key and 64 bit block. It is now considered a weak algorithm, due to its small key size (it was never intended for use with classified data).
3DES or Triple DES: DES but with multiple (triple) encryption. It encrypts the plaintext once, then decrypts it with the second key, and encrypts it again with the third key (outer cbc mode used for cbc). Much better than traditional DES since the key is now 168 bits (actually the effective key length is 112 bits due to the meet-in-the-middle attack).
CAST-128: CAST was designed in Canada by Carlisle Adams and Stafford Tavares. The original algorithm used a 64bit key and block. The algorithm here is CAST-128 (also called CAST5) which has a 128bit key and 64bit block size.
CAST-256: CAST-256 was designed by Carlisle Adams. It is a symmetric cipher designed in accordance with the CAST design procedure. It is an extention of the CAST-128, having a 128 bit block size, and up to 256 bit key size.
xTEA: TEA stands for the Tiny Encryption Algorithm. It is a feistel cipher designed by David Wheeler & Roger M. Needham. The original TEA was intended for use in applications where code size is at a premium, or where it is necessary for someone to remember the algorithm and code it on an arbitrary machine at a later time. The algorithm used here is extended TEA and has a 128bit key size and 64bit block size.
3-WAY: The 3way algorithm designed by Joan Daemen. It uses key and block size of 96 bits.
SKIPJACK: SKIPJACK was designed by the US NSA. It was part of the illfated "Clipper" Escrowed Encryption Standard (EES) (FIPS 185) proposal. It operates on 64bit blocks and uses a key of 80 bits. SKIPJACK is provided only as an extra module to libmcrypt.
BLOWFISH: The Blowfish algorithm designed by Bruce Schneier. It is better and faster than DES. It can use a key up to 448 bits.
TWOFISH: Twofish was designed by Bruce Schneier, Doug Whiting, John Kelsey, Chris Hall, David Wagner for Counterpane systems. Intended to be highly secure and highly flexible. It uses a 128bit block size and 128,192,256 bit key size. (Twofish is the default algorithm)
LOKI97: LOKI97 was designed by Lawrie Brown and Josef Pieprzyk. It has a 128-bit block length and a 256bit key schedule, which can be initialized using 128, 192 or 256 bit keys. It has evolved from the earlier LOKI89 and LOKI91 64-bit block ciphers, with a strengthened key schedule and a larger keyspace.
RC2: RC2 (RC stands for Rivest Cipher) was designed by Ron Rivest. It uses block size of 64 bit and a key size from 8 to 1024 bits. It is optimized for 16bit microprocessors (reflecting its age). It is described in the RFC2268.
ARCFOUR: RC4 was designed by Ron Rivest. For several years this algorithm was considered a trade secret and details were not available. In September 1994 someone posted the source code in the cypherpunks mailing list. Although the source code is now available RC4 is trademarked by RSADSI so a compatible cipher named ARCFOUR is included in the mcrypt distribution. It is a stream cipher and has a maximum key of 2048 bits.
RC6: RC6 was designed by Ron Rivest for RSA labs. In mcrypt it uses block size of 128 bit and a key size of 128/192/256 bits. Refer to RSA Labs and Ron Rivest for any copyright, patent or license issues for the RC6 algorithm. RC6 is provided only as an extra module to libmcrypt.
RIJNDAEL: Rijndael is a block cipher, designed by Joan Daemen and Vincent Rijmen, and was approved for the USA’s NIST Advanced Encryption Standard, FIPS-197. The cipher has a variable block length and key length. Rijndael can be implemented very efficiently on a wide range of processors and in hardware. The design of Rijndael was strongly influenced by the design of the block cipher Square. There exist three versions of this algorithm, namely: RIJNDAEL-128 (the AES winner) , RIJNDAEL-192 , RIJNDAEL-256 The numerals 128, 192 and 256 stand for the length of the block size.
MARS: MARS is a 128-bit block cipher designed by IBM as a candidate for the Advanced Encryption Standard. Refer to IBM for any copyright, patent or license issues for the MARS algorithm. MARS is provided only as an extra module to libmcrypt.
PANAMA: PANAMA is a cryptographic module that can be used both as a cryptographic hash function and as a stream cipher. It designed by Joan Daemen and Craig Clapp. PANAMA (the stream cipher) is included in libmcrypt.
WAKE: WAKE stands for Word Auto Key Encryption, and is an encryption system for medium speed encryption of blocks and of high security. WAKE was designed by David J. Wheeler. It is intended to be fast on most computers and relies on repeated table use and having a large state space.
SERPENT: Serpent is a 128-bit block cipher designed by Ross Anderson, Eli Biham and Lars Knudsen as a candidate for the Advanced Encryption Standard. Serpent’s design was limited to well understood mechanisms, so that could rely on the wide experience of block cipher cryptanalysis, and achieve the highest practical level of assurance that no shortcut attack will be found. Serpent has twice as many rounds as are necessary, to block all currently known shortcut attacks. Despite these exacting design constraints, Serpent is faster than DES.
IDEA: IDEA stands for International Data Encryption Algorithm and was designed by Xuejia Lai and James Massey. It operates on 64bit blocks and uses a key of 128 bits. Refer to Ascom-Tech AG for any copyright, patent or license issues for the IDEA algorithm. IDEA is provided only as an extra module to libmcrypt.
ENIGMA (UNIX crypt): A one-rotor machine designed along the lines of Enigma but considerable trivialized. Very easy to break for a skilled cryptanalyst. I suggest against using it. Added just for completeness.
GOST: A former soviet union’s algorithm. An acronym for "Gosudarstvennyi Standard" or Government Standard. It uses a 256 bit key and a 64 bit block. The S-boxes used here are described in the Applied Cryptography book by Bruce Schneier. They were used in an application for the Central Bank of the Russian Federation. Some quotes from gost.c: The standard is written by A. Zabotin (project leader), G.P. Glazkov, and V.B. Isaeva. It was accepted and introduced into use by the action of the State Standards Committee of the USSR on 2 June 1989 as No. 1409. It was to be reviewed in 1993, but whether anyone wishes to take on this obligation from the USSR is questionable. This code is based on the 25 November 1993 draft translation by Aleksandr Malchik, with Whitfield Diffie, of the Government Standard of the U.S.S.R. GOST 28149-89, "Cryptographic Transformation Algorithm", effective 1 July 1990. (Whitfield.Diffie@eng.sun.com) Some details have been cleared up by the paper "Soviet Encryption Algorithm" by Josef Pieprzyk and Leonid Tombak of the University of Wollongong, New South Wales. (josef/leo@cs.adfa.oz.au)
SAFER: SAFER (Secure And Fast Encryption Routine) is a block cipher developed by Prof. J.L. Massey at the Swiss Federal Institute of Technology. There exist four versions of this algorithm, namely: SAFER K-64 , SAFER K-128 , SAFER SK-64 and SAFER SK-128. The numerals 64 and 128 stand for the length of the user-selected key, ’K’ stands for the original key schedule and ’SK’ stands for the strengthened key schedule (in which some of the "weaknesses" of the original key schedule have been removed). In mcrypt only SAFER SK-64 and SAFER SK-128 are used.
SAFER+: SAFER+ was designed by Prof. J.L. Massey, Prof. Gurgen H. Khachatrian and Dr. Melsik K. Kuregian for Cylink. SAFER+ is based on the existing SAFER family of ciphers and provides for a block size of 128bits and 128, 192 and 256 bits key length.
LibMcrypt Presentation | LAB Main Introduction

LAB Usage of LibMcrypt

Current LAB Foundation classes use libmcrypt when security is needed. The current LAB Foundation implementation (1.2.7) uses dynamic algorithm selection. Future releases may allow for system administrator configuration of a subset (or none) of the encryption schemes.