Encryption

Filetopia uses many encryption components which provide a high degree of security.

For the "Public Key" (PK) functionality, it uses an asymmetric cipher based on "Elliptic Curves" and for symmetric encryption it can use several different ciphers. The rule is very simple: for all Client/Server connections, the Client is the one to choose the cipher's algorithm to use. For the chat, it uses a complex protocol in which each user creates two encryption objects for every other user in the channel, encrypting with the user's own cipher choice and using the other user's choice to decrypt. Of course, to exchange the session keys, it uses Public Key techniques.

There is also a Hash component: SHA1 is used to protect the user's password, so that not even the server knows it.

Symmetric ciphers

If you want to have an overview of basic concepts used in cryptography you can check this page.

Rijndael (AES)

Rijndael is the AES winner and the default cipher used in Filetopia; it is written by Joan Daemen and Vincent Rijmen. The cipher has a variable block and key length, and the authors have demonstrated how to extend the block length and key length by multiples of 32 bits. The design of Rijndael was influenced by the SQUARE algorithm. The authors provide a Rijndael specification and a more theoretical paper on their design principles. The authors have vowed to never patent Rijndael.

RC6

RC6 is Ronald Rivest's AES submission. Like all AES ciphers, RC6 works on 128 bit blocks. It can accept variable length keys. It is very similar to RC5, incorporating the results of various studies on RC5 to improve the algorithm.
The studies of RC5 found that not all bits of data are used to determine the rotation amount (rotation is used extensively in RC5); RC6 uses multiplication to determine the rotation amount and uses all bits of input data to determine the rotation amount, strengthening the avalanche effect.

TwoFish

Twofish is Counterpane Systems' AES submission. Designed by the Counterpane Team (Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson), Twofish has undergone extensive analysis by the Counterpane Team. There is a paper available from the Twofish web page and the source code is provided in optimized C and assembly.

Mars

MARS is IBM's AES submission. There is a MARS web page, but it provides little more than a link to the MARS paper. MARS uses 128 bit blocks and supports variable key sizes (from 128 to 1248 bits). MARS is unique in that it combines virtually every design technique known to cryptographers in one algorithm. It uses addition and subtractions, S-boxes, fixed and data dependent rotations, and multiplications.

Blowfish

Blowfish is a block cipher designed by Bruce Schneier, author of Applied Cryptography. Blowfish combines a Feistel network, key-dependent S-Boxes, and a non-invertible F function to create what is perhaps one of the most secure algorithms available. There are no known attacks against Blowfish. Schneier's paper is available here.

Idea

IDEA, developed in Zurich, Switzerland by Xuejia Lai and James Massey, is generally regarded to be the best and most secure block algorithm available to the public today. It utilizes a 128-bit key and is designed to be resistant to differential cryptanalysis. Some attacks have been made against reduced round IDEA.

Gost

GOST is a cryptographic algorithm from Russia that appears to be the Russian analog to DES both politically and technologically.
Its designers took no chances, iterating the GOST algorithm for 32 rounds and using a 256 bit key. Although GOST's conservative design inspires confidence, John Kelsey has discovered a key-relation attack on GOST, described in a post to sci.crypt on 10 February 1996. There are also weak keys in GOST, but there are too few to be a problem when GOST is used with its standard set of S-boxes. You can read the official GOST algorithm description (translated from Russian) here. There is also a description of the GOST algorithm here.

Cast

CAST, designed by Carlisle Adams and Stafford Tavares, is shaping up to be a solid algorithm. Its design is very similar to Blowfish's, with key-dependent S-Boxes, a non-invertible f function, and a Feistel network-like structure (called a substitution-permutation network). David Wagner, John Kelsey, and Bruce Schneier have discovered a related-key attack on the 64-bit version of CAST that requires approximately 2^17 chosen plaintexts, one related query, and 2^48 offline computations (described in this paper). The attack is infeasible at best. CAST is patented by Entrust Technologies, which has generously released it for free use. The CAST cipher design process is described in this paper and the 128-bit version is described in this addendum. Carlisle Adams has submitted a version of CAST (CAST-256) as an AES candidate.

Misty1

Misty is a cryptographic algorithm developed by Mitsubishi Electric after they broke DES in 1994. It is designed to withstand linear and differential cryptanalysis, but has not yet been cryptanalysed. As it has not undergone intensive peer review, the usual caution is recommended. It is being considered for inclusion into the SET 2.0 standard.
Visit the MISTY web page or read the author's paper on MISTY.

Table of Features

| Cipher | Patented | MaxKeySize | BlockSize | Speed |
| --- | --- | --- | --- | --- |
| RC6 | Yes | 2048bits | 128bits | 1.66mb/s |
| TwoFish | No | 256bits | 128bits | 2.12mb/s |
| Mars | Yes | 1248bits | 128bits | 1.38mb/s |
| Rijndael | No | 256bits | 128bits | 2.12mb/s |
| BlowFish | No | 448bits | 64bits | 2.46mb/s |
| Idea | Yes | 128bits | 64bits | 0.75mb/s |
| Gost | No | 256bits | 64bits | 1.63mb/s |
| Cast256 | Yes | 256bits | 128bits | 1.68mb/s |
| Cast128 | No | 128bits | 64bits | 2.60mb/s |
| Misty1 | Yes | 128bits | 64bits | 1.01mb/s |

Hash Algorithm

SHA1

SHA1 was developed by the NSA for NIST as part of the Secure Hash Standard (SHS). SHA1 is similar in design to MD4. The original published algorithm, known as SHA, was modified by NSA to protect against an unspecified attack; the updated algorithm is named SHA1. It produces a 160-bit digest -- large enough to protect against "birthday" attacks, where two different messages are selected to produce the same signature, for the next decade. The official FIPS description of SHA1 can be found here.

Source Code

The source code of all the symmetric ciphers and hash component can be found at the Scramdisk Delphi site. The author of this implementation is David Barton, to whom I wish to express my gratitude.

(c) 2000 Filetopia Inc. All rights reserved

--end copy--

Hoping this page helps CISSP/CISA candidates a bit..
the link:
http://www.filetopia.org/encryption.htm
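The "birthday" bound from the SHA1 section above, as an added example that is not part of the original post or of Filetopia's code: a generic collision search on SHA-1 truncated to n bits succeeds after roughly 2^(n/2) hashes, which is where the figure of about 2^80 work for a 160-bit digest comes from. The function names and the sample message format are assumptions made for this illustration.

```python
import hashlib
import math
from itertools import count


def truncated_sha1(message: bytes, bits: int) -> int:
    """Return the top `bits` bits of SHA-1(message) as an integer."""
    digest = int.from_bytes(hashlib.sha1(message).digest(), "big")
    return digest >> (160 - bits)


def find_collision(bits: int):
    """Hash distinct constructed messages until two share a truncated digest.

    Returns (first_message, second_message, hashes_computed).
    """
    seen = {}  # truncated digest -> first message that produced it
    for i in count():
        msg = b"constructed-sample-%d" % i  # constructed input, not real data
        tag = truncated_sha1(msg, bits)
        if tag in seen:
            return seen[tag], msg, i + 1
        seen[tag] = msg


def birthday_work_log2(bits: int) -> float:
    """log2 of the hash count giving about a 50% collision chance.

    Uses the standard approximation sqrt(2 * ln 2 * 2**bits).
    """
    return bits / 2 + math.log2(math.sqrt(2 * math.log(2)))


if __name__ == "__main__":
    # Measured cost on short digests, next to the 2^(n/2) estimate.
    for n in (16, 24, 32):
        a, b, used = find_collision(n)
        print(f"{n:>3}-bit digest: collision after 2^{math.log2(used):.1f} "
              f"hashes (estimate 2^{birthday_work_log2(n):.1f})")
        print(f"     {a!r} and {b!r}")
    # Extrapolation to the full digest length quoted in the text.
    print(f"160-bit digest: estimate 2^{birthday_work_log2(160):.1f} hashes")
```

Doubling the digest length squares the search cost, so the collision margin of a hash is half its output size in bits.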