On Thu, 20 Mar 2003, Brian Hurt wrote:
> - bitset is being rewritten into bitarray, with the new features suggested
> by the change in name. The goal is to produce something you could write
> elliptic curve cryptosystems in at least semi-efficiently.
Umm...when you say EC cryptosystems, I assume you're just talking about a
package that's good for doing generic work over GF(2^n), right? That'd be
pretty handy to have around...
> - An elliptic curve crypto systems library.
Well, I've got my modifications to Xavier's cryptokit library that I could
contribute (I'd want to clear it with Xavier first though). I haven't
done too much to it yet, the changes I've made are listed at the end of
Anyway, I've been wanting to add an EC module to this library along with a
number of other changes and additions, such as:
- Repackage some stuff to create a byte-array type with easy conversion
between 8 bits/byte (for working with internally) and 4 bits/byte (for working
with in a readable format), and appropriate manipulation routines
(shifts, rotates, boolean functions, etc.). I need to put more thought
into this, I've just been tossing things together in an ad-hoc fashion
when I need something for work -- perhaps your bitarrays would be all
that I'm really looking for.
- Fix arcfour so it can take a full 2048 bit key (I think Xavier misread
the specs and limited it to 128 bits).
- Add a generic Feistel cipher construction.
- Add other ciphers like Blowfish, RC5, and some of the AES and NESSIE
applicants. I'd like to add SEAL, but I'm not sure what IBM's stance on
its licensing is.
- Add a construction that allows for easy creation of Luby-Rackoff
- Add some qth root versions of PK ciphers.
- Add some more number theory tools (so far all I have is CRT-enabled
modular exponentiation used in the RSA module).
- Add some secret sharing tools.
- Figure out why the included implementation of SHA-1 runs so freakin'
slow on the PPC G4 processor...
- Perhaps add factoring and DL computation routines, but I'm not sure this
- Oh yeah...and fix my screwed up OCamldoc documentation.
If you can think of anything else that should be added (or if you want to
help with the development of this), let me know.
My changes to cryptokit (v1.0) so far:
* Replaced the bigint part of the library with much faster calls to
GMP using mlgmp (so I suppose I might need to talk to David Monniaux as
well -- I forget what the license situations are).
* Changed the RSA module so that it now has two keytypes, public and
private, and uses those key types appropriately (note: this breaks
compatibility with the original cryptokit. Obviously.)
* Added DSA signatures (with the fix for Bleichenbacher's potential
* Added SHA-256, SHA-384, and SHA-512 (currently only compiles with
compilers that support the 64-bit long long type, e.g. gcc)
* Added Markus Jakobsson style hash chains.
* Added two new PRNGs (the crappy GMP default PRNG -- good for testing --
and a stronger, slower PRNG described by Peter Gutmann)
* Added some random number routines for generating a specific number of
bits, rather than bytes, and returning the number either as a string or
as a GMP MP Integer.
* Added a number of random prime generation routines (probabilistic
primes, strong primes, provable primes, and DSA primes)
* Added the cipherX construction that allows you to build DESX style
extensions out of any block cipher.
William D. Neumann
"Well I could be a genius, if I just put my mind to it.
And I...I could do anything, if only I could get 'round to it.
Oh we were brought up on the space-race, now they expect you to clean toilets.
When you've seen how big the world is, how can you make do with this?
If you want me, I'll be sleeping in - sleeping in throughout these glory days."
-- Jarvis Cocker
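The "generic Feistel cipher construction" and the "cipherX" DESX-style wrapper mentioned in the message above, as an added example in Python that is not cryptokit code or anything from the thread. `FeistelCipher`, `CipherX`, `toy_round_function` and the subkey values are all constructed for this illustration; the round function is a deliberately simple mixer that only serves to show that the network inverts for any F whatsoever.

```python
"""Generic Feistel network and a DESX-style "cipherX" whitening wrapper.

Added example; not cryptokit code. The round function is a toy mixer
chosen only to exercise the construction and is NOT cryptographically strong.
"""
from typing import Callable, Iterable, List

MASK32 = 0xFFFFFFFF


def rotl32(x: int, r: int) -> int:
    return ((x << r) | (x >> (32 - r))) & MASK32


def toy_round_function(half: int, subkey: int) -> int:
    """Hypothetical F: (32-bit half, 32-bit subkey) -> 32-bit.
    Any such F works; the network is invertible even if F is not."""
    x = (half + subkey) & MASK32
    x ^= rotl32(x, 7)
    x = (x * 0x9E3779B1) & MASK32
    return x ^ (x >> 16)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class FeistelCipher:
    """64-bit block cipher built from any round function and a subkey list."""
    block_size = 8

    def __init__(self, round_function: Callable[[int, int], int], subkeys: Iterable[int]):
        self.f = round_function
        self.subkeys: List[int] = list(subkeys)

    @staticmethod
    def _split(block: bytes):
        return int.from_bytes(block[:4], "big"), int.from_bytes(block[4:], "big")

    @staticmethod
    def _join(left: int, right: int) -> bytes:
        return left.to_bytes(4, "big") + right.to_bytes(4, "big")

    def _rounds(self, block: bytes, subkeys: List[int]) -> bytes:
        if len(block) != self.block_size:
            raise ValueError("block must be 8 bytes")
        left, right = self._split(block)
        for k in subkeys:
            # One Feistel round: (L, R) -> (R, L xor F(R, k))
            left, right = right, left ^ self.f(right, k)
        # Undo the final swap so decryption is the same network with reversed keys.
        return self._join(right, left)

    def encrypt_block(self, block: bytes) -> bytes:
        return self._rounds(block, self.subkeys)

    def decrypt_block(self, block: bytes) -> bytes:
        return self._rounds(block, self.subkeys[::-1])


class CipherX:
    """DESX-style extension E'(x) = K_post xor E(K_pre xor x) for any block
    cipher exposing block_size, encrypt_block and decrypt_block."""

    def __init__(self, cipher, pre_whitening: bytes, post_whitening: bytes):
        if len(pre_whitening) != cipher.block_size or len(post_whitening) != cipher.block_size:
            raise ValueError("whitening keys must be exactly one block long")
        self.cipher = cipher
        self.k_pre = pre_whitening
        self.k_post = post_whitening
        self.block_size = cipher.block_size

    def encrypt_block(self, block: bytes) -> bytes:
        return xor_bytes(self.cipher.encrypt_block(xor_bytes(block, self.k_pre)), self.k_post)

    def decrypt_block(self, block: bytes) -> bytes:
        return xor_bytes(self.cipher.decrypt_block(xor_bytes(block, self.k_post)), self.k_pre)


def demo() -> bool:
    """Round-trip both constructions on a constructed block; True if both invert."""
    inner = FeistelCipher(toy_round_function, [0x01234567, 0x89ABCDEF, 0xDEADBEEF, 0x0BADF00D,
                                               0xCAFEBABE, 0x13371337, 0x0F0F0F0F, 0xA5A5A5A5])
    outer = CipherX(inner, bytes(range(8)), bytes(range(0x10, 0x18)))
    plaintext = b"8bytes!!"  # constructed sample block
    ok_inner = inner.decrypt_block(inner.encrypt_block(plaintext)) == plaintext
    ok_outer = outer.decrypt_block(outer.encrypt_block(plaintext)) == plaintext
    return ok_inner and ok_outer
```

The whitening wrapper never touches the inner cipher's internals, which is what makes it a generic extension: the same `CipherX` class can sit around any object with the three-member block-cipher interface, Feistel or otherwise.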
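The "CRT-enabled modular exponentiation used in the RSA module" mentioned in the message above, as an added Python example that is not cryptokit code. It goes beyond the two-prime case: `crt_combine` is a Garner-style recombination over any list of coprime moduli, so the same routine covers multi-prime RSA. The primes `P` and `Q`, the exponent and the messages are constructed toy values for demonstration only.

```python
"""CRT-accelerated RSA private-key operation.

Added example, not cryptokit code. Keys are built here from two small fixed
primes purely for demonstration; real keys are far larger.
"""
from typing import List


def crt_combine(residues: List[int], moduli: List[int]) -> int:
    """Garner-style CRT: return x with x = r_i (mod m_i) for pairwise coprime m_i.
    Works for any number of moduli, so it also covers multi-prime RSA."""
    x, m = 0, 1
    for r, mod in zip(residues, moduli):
        # Find t with x + m*t = r (mod mod); m is invertible because moduli are coprime.
        t = ((r - x) * pow(m, -1, mod)) % mod
        x += m * t
        m *= mod
    return x % m


def rsa_private_crt(c: int, d: int, primes: List[int]) -> int:
    """Compute c^d mod (product of primes) with one small exponentiation per prime.
    Each exponent is reduced mod p-1 (Fermat), so the work per prime is a fraction
    of one full-size exponentiation."""
    residues = [pow(c % p, d % (p - 1), p) for p in primes]
    return crt_combine(residues, primes)


def rsa_private_plain(c: int, d: int, n: int) -> int:
    """Reference: the straightforward full-size exponentiation."""
    return pow(c, d, n)


# Constructed toy parameters (NOT secure sizes): two 30-bit primes.
P, Q = 1000000007, 998244353
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))


def roundtrip(message: int) -> bool:
    """Encrypt with the public key, decrypt both ways; True if all three agree."""
    if not 0 <= message < N:
        raise ValueError("message must be in [0, N)")
    c = pow(message, E, N)
    return rsa_private_crt(c, D, [P, Q]) == rsa_private_plain(c, D, N) == message
```

Production code additionally re-encrypts the CRT result with the public exponent and compares before releasing it, because a computation error in either half-exponentiation produces an output that must never leave the private-key operation.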
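The "generic work over GF(2^n)" that the message above wants a bit-array type for, as an added Python example that is neither cryptokit code nor the bitarray package being discussed. It treats plain ints as bit arrays (bit i is the coefficient of x^i) and gives multiplication, exponentiation and inversion, the primitives an elliptic curve over a binary field needs. The AES field and the NIST B-163 reduction polynomial are real; the element used in `check_inverse` is a constructed sample value.

```python
"""Arithmetic in GF(2^n) on plain Python ints used as bit arrays.

Added example, not cryptokit or bitarray code. Elements are polynomials over
GF(2) stored as ints (bit i = coefficient of x^i); `poly` is the reduction
polynomial including its x^n term.
"""


def gf2n_mul(a: int, b: int, poly: int, n: int) -> int:
    """Shift-and-add multiplication, reducing after every shift so the
    intermediate never exceeds degree n."""
    if a >> n or b >> n:
        raise ValueError("operands must have degree < n")
    result = 0
    high_bit = 1 << n
    while b:
        if b & 1:
            result ^= a
        b >>= 1
        a <<= 1
        if a & high_bit:
            a ^= poly  # x^n is replaced by the lower terms of poly
    return result


def gf2n_pow(a: int, e: int, poly: int, n: int) -> int:
    """Square-and-multiply in the field."""
    result = 1
    while e:
        if e & 1:
            result = gf2n_mul(result, a, poly, n)
        a = gf2n_mul(a, a, poly, n)
        e >>= 1
    return result


def gf2n_inv(a: int, poly: int, n: int) -> int:
    """Inverse via a^(2^n - 2) (Fermat). Inversion is the expensive step in
    affine-coordinate EC point addition, which is why EC code cares about it."""
    if a == 0:
        raise ZeroDivisionError("0 has no inverse")
    return gf2n_pow(a, (1 << n) - 2, poly, n)


# Two real reduction polynomials used as fixed test fields.
AES_POLY, AES_N = 0x11B, 8  # x^8 + x^4 + x^3 + x + 1
B163_POLY, B163_N = (1 << 163) | (1 << 7) | (1 << 6) | (1 << 3) | 1, 163  # NIST B-163


def check_inverse(a: int, poly: int, n: int) -> bool:
    """True if a * a^-1 == 1 in the field defined by poly."""
    return gf2n_mul(a, gf2n_inv(a, poly, n), poly, n) == 1
```

The per-shift reduction is what keeps operands within n bits; a dedicated bit-array type would replace the int shifts with word-level operations but follow the same structure.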