mdw [Sat, 15 Jul 2000 17:47:58 +0000 (17:47 +0000)]
Fix bug in decryption key scheduling.
mdw [Sat, 15 Jul 2000 15:39:48 +0000 (15:39 +0000)]
The NSA's Skipjack block cipher.
mdw [Sat, 15 Jul 2000 13:47:14 +0000 (13:47 +0000)]
Whoops. Fix the purpose comment.
mdw [Sat, 15 Jul 2000 13:44:32 +0000 (13:44 +0000)]
New ciphers.
mdw [Sat, 15 Jul 2000 10:17:19 +0000 (10:17 +0000)]
Anderson and Biham's Tiger hash function added.
mdw [Sat, 15 Jul 2000 10:03:51 +0000 (10:03 +0000)]
New HMAC test vectors from the RIPEMD160 home page.
mdw [Sat, 15 Jul 2000 10:03:30 +0000 (10:03 +0000)]
Test rig added, based on RIPEMD160-MGF1 test vectors.
mdw [Sat, 15 Jul 2000 10:03:13 +0000 (10:03 +0000)]
Formatting changes.
mdw [Sat, 15 Jul 2000 10:02:43 +0000 (10:02 +0000)]
Anderson and Biham's Tiger hash function added.
mdw [Sat, 15 Jul 2000 10:02:07 +0000 (10:02 +0000)]
Include missing header file.
mdw [Sat, 15 Jul 2000 10:01:08 +0000 (10:01 +0000)]
Bug fix in binary input.
mdw [Sat, 15 Jul 2000 10:00:58 +0000 (10:00 +0000)]
New generic hash operation for copying hash contexts.
mdw [Sun, 9 Jul 2000 21:34:15 +0000 (21:34 +0000)]
New hash functions and other stuff.
mdw [Sun, 9 Jul 2000 21:33:54 +0000 (21:33 +0000)]
Tidy up the formatting a little.
mdw [Sun, 9 Jul 2000 21:33:40 +0000 (21:33 +0000)]
Add testing for mp_factorial.
mdw [Sun, 9 Jul 2000 21:32:30 +0000 (21:32 +0000)]
Pollard's rho algorithm for computing discrete logs.
mdw [Sun, 9 Jul 2000 21:32:16 +0000 (21:32 +0000)]
rabin_test: Correct error in comment.
mdw [Sun, 9 Jul 2000 21:31:55 +0000 (21:31 +0000)]
Support `-t' flag for building test rigs.
mdw [Sun, 9 Jul 2000 21:31:43 +0000 (21:31 +0000)]
Use `mpmul'.
mdw [Sun, 9 Jul 2000 21:31:34 +0000 (21:31 +0000)]
Delete the spinner when the search finishes.
mdw [Sun, 9 Jul 2000 21:31:10 +0000 (21:31 +0000)]
Fix bug, and add a test rig.
mdw [Sun, 9 Jul 2000 21:30:58 +0000 (21:30 +0000)]
Lim-Lee prime generation.
mdw [Sun, 9 Jul 2000 21:30:49 +0000 (21:30 +0000)]
Demo program to compute factorials.
mdw [Sun, 9 Jul 2000 21:30:34 +0000 (21:30 +0000)]
New RIPEMD variants.
mdw [Thu, 6 Jul 2000 18:22:18 +0000 (18:22 +0000)]
Remove the trailing carriage returns.
mdw [Wed, 5 Jul 2000 17:49:48 +0000 (17:49 +0000)]
Fix decoding functions, so that they don't run off the end of the
buffer.
mdw [Wed, 5 Jul 2000 17:49:31 +0000 (17:49 +0000)]
Fix out-of-range k value. (This makes the test tidier. Hmm. Maybe I
did that deliberately. Oh, well.)
mdw [Mon, 3 Jul 2000 18:14:53 +0000 (18:14 +0000)]
Version bump.
mdw [Mon, 3 Jul 2000 18:09:27 +0000 (18:09 +0000)]
Bug fix to the GCD check. With any luck, this is the last of these to
need nailing to the wall.
mdw [Mon, 3 Jul 2000 18:08:24 +0000 (18:08 +0000)]
Include `bits.h'.
mdw [Sun, 2 Jul 2000 18:44:36 +0000 (18:44 +0000)]
Version bump.
mdw [Sun, 2 Jul 2000 18:27:42 +0000 (18:27 +0000)]
(ghash->ops->done): Interface change. Passing in a null buffer pointer
uses a buffer internal to the ghash object. The operation returns the
address of the buffer it used. Clients of generic hashes no longer need
to use dynamically allocated memory for hash results.
mdw [Sun, 2 Jul 2000 18:24:39 +0000 (18:24 +0000)]
Use a new multiplication function from an Ascom white paper to resist
timing attacks.
mdw [Sat, 1 Jul 2000 11:27:32 +0000 (11:27 +0000)]
Name changes and new files.
mdw [Sat, 1 Jul 2000 11:27:22 +0000 (11:27 +0000)]
Use new PKCS#1 padding functions rather than rolling by hand.
mdw [Sat, 1 Jul 2000 11:27:03 +0000 (11:27 +0000)]
Portability fix: don't assume that `stdout' is a constant expression.
Remove old type name `bbs_param'.
mdw [Sat, 1 Jul 2000 11:24:52 +0000 (11:24 +0000)]
Remove old debugging code.
mdw [Sat, 1 Jul 2000 11:24:37 +0000 (11:24 +0000)]
Remove bad type name `rsa_param'. New functions for freeing public and
private keys. Add types and functions for doing public key operations,
and padded RSA operations.
mdw [Sat, 1 Jul 2000 11:23:52 +0000 (11:23 +0000)]
Public-key operations, for symmetry with `rsa-priv.c'. Functions for
doing padded RSA encryption and signature verification.
mdw [Sat, 1 Jul 2000 11:23:20 +0000 (11:23 +0000)]
Renamed from `rsa-decrypt', since the name was no longer appropriate.
Add functions for doing padded RSA decryption and signing.
mdw [Sat, 1 Jul 2000 11:22:22 +0000 (11:22 +0000)]
Remove bad type name `rsa_param'.
mdw [Sat, 1 Jul 2000 11:21:56 +0000 (11:21 +0000)]
Moved to `rsa-priv.c'.
mdw [Sat, 1 Jul 2000 11:21:39 +0000 (11:21 +0000)]
New interface for computing products of many (small) integers.
mdw [Sat, 1 Jul 2000 11:20:51 +0000 (11:20 +0000)]
New functions for freeing public and private keys.
mdw [Sat, 1 Jul 2000 11:20:36 +0000 (11:20 +0000)]
Remove bad type name `bbs_param'.
mdw [Sat, 1 Jul 2000 11:20:24 +0000 (11:20 +0000)]
New functions for freeing public and private keys. Remove bad type name
`bbs_param'.
mdw [Sat, 1 Jul 2000 11:18:51 +0000 (11:18 +0000)]
Use new interfaces for key manipulation.
mdw [Sat, 1 Jul 2000 11:18:30 +0000 (11:18 +0000)]
Support for Optimal Asymmetric Encryption Padding.
mdw [Sat, 1 Jul 2000 11:17:38 +0000 (11:17 +0000)]
New support for PKCS#1 message encoding.
mdw [Sat, 1 Jul 2000 11:09:20 +0000 (11:09 +0000)]
(pgen_gcd): Bug fix -- check the GCDs of the right things when deciding
whether to abort.
mdw [Mon, 26 Jun 2000 17:14:42 +0000 (17:14 +0000)]
(rslog): Ensure that log(1) = 0 (not 255, as previously). While the two
are strictly equivalent, it means that the exp table is larger than it
otherwise needs to be.
mdw [Mon, 26 Jun 2000 07:54:52 +0000 (07:54 +0000)]
Version bump.
mdw [Mon, 26 Jun 2000 07:52:50 +0000 (07:52 +0000)]
Portability fix for the bug fix.
mdw [Sun, 25 Jun 2000 13:02:07 +0000 (13:02 +0000)]
Fix cleaning of generated files.
mdw [Sun, 25 Jun 2000 12:59:09 +0000 (12:59 +0000)]
Version bump.
mdw [Sun, 25 Jun 2000 12:59:02 +0000 (12:59 +0000)]
(mpx_udiv): Fix bug in quotient digit estimation.
mdw [Sun, 25 Jun 2000 12:58:34 +0000 (12:58 +0000)]
New tests for bugs.
mdw [Sun, 25 Jun 2000 12:58:23 +0000 (12:58 +0000)]
Fix the derivation of `depth' commentary.
mdw [Sat, 24 Jun 2000 20:06:21 +0000 (20:06 +0000)]
Minor reformatting.
mdw [Sat, 24 Jun 2000 19:11:47 +0000 (19:11 +0000)]
Fix daft error in the comment for @gfshare_get@.
mdw [Sat, 24 Jun 2000 18:29:05 +0000 (18:29 +0000)]
Interface change: allow shares to be extracted from a context on demand,
rather than building them all up-front.
mdw [Thu, 22 Jun 2000 19:10:33 +0000 (19:10 +0000)]
Fix Makefile to test mp-sqrt.c.
mdw [Thu, 22 Jun 2000 19:04:19 +0000 (19:04 +0000)]
More new functions to be added.
mdw [Thu, 22 Jun 2000 19:03:14 +0000 (19:03 +0000)]
Use the new @mp_odd@ function.
mdw [Thu, 22 Jun 2000 19:02:53 +0000 (19:02 +0000)]
New function @mp_odd@ to extract powers of two from an integer. This is
common code from the Rabin-Miller test, RSA key recovery and modular
square-root extraction.
mdw [Thu, 22 Jun 2000 19:02:01 +0000 (19:02 +0000)]
Add new functions.
mdw [Thu, 22 Jun 2000 19:01:44 +0000 (19:01 +0000)]
Compute (approximations to) integer square roots.
mdw [Thu, 22 Jun 2000 19:01:31 +0000 (19:01 +0000)]
Compute square roots in a prime field.
mdw [Thu, 22 Jun 2000 19:01:14 +0000 (19:01 +0000)]
New test cases for square root functions.
mdw [Thu, 22 Jun 2000 18:58:00 +0000 (18:58 +0000)]
Twofish can handle keys with any byte-aligned size.
mdw [Thu, 22 Jun 2000 18:04:13 +0000 (18:04 +0000)]
Improve secret reconstruction -- compute coefficients as needed rather
than making a big array of them.
mdw [Sun, 18 Jun 2000 23:31:18 +0000 (23:31 +0000)]
Rearrange build order to ensure that `mptypes.h' exists by the time it's
needed.
mdw [Sun, 18 Jun 2000 23:26:09 +0000 (23:26 +0000)]
Whoops. Fix a typo.
mdw [Sun, 18 Jun 2000 23:12:15 +0000 (23:12 +0000)]
Change typesetting of Galois Field names.
mdw [Sun, 18 Jun 2000 23:05:19 +0000 (23:05 +0000)]
Minor performance tweak: use Barrett reduction rather than Montgomery.
Fast secret sharing isn't done here, though: see `gfshare' instead.
mdw [Sat, 17 Jun 2000 13:51:03 +0000 (13:51 +0000)]
Whoops. Too eager with the mLib version.
mdw [Sat, 17 Jun 2000 13:28:50 +0000 (13:28 +0000)]
Minor tidying and fixing.
mdw [Sat, 17 Jun 2000 12:57:47 +0000 (12:57 +0000)]
New free counter noise generator, for use if /dev/random is
unavailable.
mdw [Sat, 17 Jun 2000 12:21:39 +0000 (12:21 +0000)]
Add braces to shut compiler up. Reformat code slightly.
mdw [Sat, 17 Jun 2000 12:12:29 +0000 (12:12 +0000)]
Ignore uninteresting files.
mdw [Sat, 17 Jun 2000 12:12:20 +0000 (12:12 +0000)]
Build mLib test vector files from the AES files.
mdw [Sat, 17 Jun 2000 12:12:05 +0000 (12:12 +0000)]
Convert AES test vector files to mLib format.
mdw [Sat, 17 Jun 2000 12:11:49 +0000 (12:11 +0000)]
New cipher.
mdw [Sat, 17 Jun 2000 12:11:39 +0000 (12:11 +0000)]
More regression tests.
mdw [Sat, 17 Jun 2000 12:11:34 +0000 (12:11 +0000)]
More regression tests. Test binary I/O.
mdw [Sat, 17 Jun 2000 12:10:32 +0000 (12:10 +0000)]
Make the `.catacomb' directory if it doesn't exist.
mdw [Sat, 17 Jun 2000 12:10:09 +0000 (12:10 +0000)]
Add some argument checking. Use MP secure memory interface.
mdw [Sat, 17 Jun 2000 12:09:38 +0000 (12:09 +0000)]
Shamir's secret sharing system.
mdw [Sat, 17 Jun 2000 12:09:25 +0000 (12:09 +0000)]
Set up Makefile in `tests' subdirectory. Copy the public release key.
mdw [Sat, 17 Jun 2000 12:08:28 +0000 (12:08 +0000)]
Restructure handling of cipher-based generators. Add counter-mode
ciphers and MGF-1 hash functions. Add FIPS 140-1 and Maurer's tests.
mdw [Sat, 17 Jun 2000 12:07:36 +0000 (12:07 +0000)]
Add key fetching interface. Add new rsa_decrypt interface.
mdw [Sat, 17 Jun 2000 12:07:19 +0000 (12:07 +0000)]
Fix a bug in argument validation. Force %$p > q$% in output. Use
%$\lambda(n) = \lcm(p - 1, q - 1)$% rather than the more traditional
%$\phi(n) = (p - 1)(q - 1)$% when computing the decryption exponent.
mdw [Sat, 17 Jun 2000 12:05:15 +0000 (12:05 +0000)]
Lots of changes:
* Apply limits on %$\gcd(p - 1, q - 1)$% to reduce the space of
equivalent decryption exponents.
* Force %$e = F_4 = 2^{16} + 1$% to avoid small-encryption-exponent
attacks.
* Ensure that %$p > q$% and that %$p - q$% is large to deter
square-root-based factoring methods.
* Use %$e d \equiv 1 \pmod{\lambda(n)}$%, where %$\lambda(n)$% is
%$\lcm(p - 1, q - 1)$%, as recommended in PKCS#1, rather than the
more usual %$\varphi(n) = (p - 1)(q - 1)$%.
* Handle aborts from pgen_jump.
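The RSA key-generation rules in the two entries above (decryption exponent from %$\lambda(n) = \lcm(p - 1, q - 1)$% rather than %$\varphi(n)$%, %$e = 65537$%, %$p > q$% with a large gap, a bound on %$\gcd(p - 1, q - 1)$%), worked through as an added Python example; this is not the library's own code, and the gap threshold, the gcd bound of 64, the 128-bit toy key size and the plaintext are constructed for illustration.

```python
import random
from math import gcd

def is_probable_prime(n, rng, rounds=20):
    """Rabin-Miller test (the library has its own; this is a stand-in)."""
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    s = ((n - 1) & (1 - n)).bit_length() - 1   # n - 1 = d * 2^s: the mp_odd step
    d = (n - 1) >> s
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits, rng):
    while True:                                  # random odd candidate with the top bit set
        cand = rng.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand, rng):
            return cand

def rsa_keygen(bits, rng, e=65537, gcd_limit=64):
    """Generate a key under the constraints the log entry lists."""
    half = bits // 2
    while True:
        p, q = random_prime(half, rng), random_prime(half, rng)
        if p < q:
            p, q = q, p                          # force p > q
        if p == q or (p - q).bit_length() <= half // 2:
            continue                             # p - q must be large (constructed bound)
        if gcd(p - 1, e) != 1 or gcd(q - 1, e) != 1:
            continue                             # e must be invertible mod lambda(n)
        if gcd(p - 1, q - 1) > gcd_limit:
            continue                             # cap gcd(p - 1, q - 1) (constructed bound)
        lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)   # lambda(n) = lcm(p - 1, q - 1)
        return {"n": p * q, "e": e, "d": pow(e, -1, lam), "p": p, "q": q, "lam": lam}

def check_key(key):
    # Constraints hold, the key round-trips, and the phi-based exponent is congruent mod lambda(n).
    p, q, n, e, d, lam = (key[k] for k in ("p", "q", "n", "e", "d", "lam"))
    d_phi = pow(e, -1, (p - 1) * (q - 1))        # the "more usual" exponent
    m = 0xC0FFEE12345678 % n                     # constructed plaintext
    return (p > q and e * d % lam == 1 and pow(pow(m, e, n), d, n) == m
            and d_phi % lam == d and d <= d_phi)
def demo_key(seed=20000617, bits=128):
    return rsa_keygen(bits, random.Random(seed))
```

Both exponents decrypt correctly; the lambda-based one is simply the smallest representative, which is why the log calls the two equivalent.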
mdw [Sat, 17 Jun 2000 11:57:56 +0000 (11:57 +0000)]
Improve bulk performance by making better use of Montgomery
multiplication and separating out initialization and finalization from
the main code.
mdw [Sat, 17 Jun 2000 11:56:07 +0000 (11:56 +0000)]
New cipher.
mdw [Sat, 17 Jun 2000 11:56:00 +0000 (11:56 +0000)]
New key size interface. Use secure arena for memory allocation.
mdw [Sat, 17 Jun 2000 11:55:50 +0000 (11:55 +0000)]
New key size interface. Add notes about the cipher.
mdw [Sat, 17 Jun 2000 11:55:22 +0000 (11:55 +0000)]
New key size interface. Allow key material to be combined with an
existing initialized context. Use secure arena for memory allocation.
mdw [Sat, 17 Jun 2000 11:55:13 +0000 (11:55 +0000)]
New key size interface. Allow key material to be combined with an
existing initialized context.
mdw [Sat, 17 Jun 2000 11:54:27 +0000 (11:54 +0000)]
Use new MP memory management functions.