Crypto++

Crypto++
Crypto++
Crypto++-logo.png
Developer(s) Wei Dai
Initial release 1995
Stable release 5.6.1 / August 9, 2010; 14 months ago (2010-08-09)
Development status Active
Written in C++
Operating system Cross-platform
Type Development library
License Crypto++ License
Website http://www.cryptopp.com

Crypto++ (also known as CryptoPP, libcrypto++, and libcryptopp) is a free and open source C++ class library of cryptographic algorithms and schemes written by Wei Dai. Crypto++ has been widely used in academia, student projects, open source and non-commercial projects, as well as businesses.[1] Released in 1995, the library fully supports 32-bit and 64-bit architectures for many major operating systems, including Apple (Mac OS X and iOS), BSD, Linux, Solaris, and Windows. The project also supports compilation under a variety of compilers and IDEs, including Borland Turbo C++, Borland C++ Builder, Clang, CodeWarrior Pro, GCC (including Apple's GCC), Intel C++ Compiler (ICC), Microsoft Visual C/C++, and Sun Studio.

Contents

Algorithms

Crypto++ ordinarily provides complete cryptographic implementations, and often includes less popular, less frequently-used schemes. For example, Camellia is a ISO/NESSIE/IETF-approved block cipher roughly equivalent to AES, and Whirlpool is a ISO/NESSIE/IETF-approved hash function roughly equivalent to SHA; both are included in the library.[2] [3]

Additionally, the Crypto++ library sometimes makes proposed and bleeding edge algorithms and implementations available for study by the cryptographic community. For example, VMAC, a universal hash-based message authentication code, was added to the library during its submission to the Internet Engineering Task Force (CFRG Working Group); and Brainpool curves, proposed in March 2009 as an Internet Draft in RFC 5639, were added to Crypto++ 5.6.0 in the same month.[4] [5]

Crypto++ algorithms and implementations
Primitive or Operation Algorithms or Implementations
Pseudorandom number generators LCG, KDF2, Blum Blum Shub, ANSI X9.17
High speed stream ciphers Panama, Sosemanuk, Salsa20, XSalsa20
AES and AES candidates Rijndael (AES selection), RC6, MARS, Twofish, Serpent, CAST-256
Other block ciphers IDEA, Triple-DES (DES-EDE2 and DES-EDE3), Camellia, SEED, RC5, Blowfish, TEA, XTEA, Skipjack, SHACAL-2
Block cipher modes of operation ECB, CBC, Ciphertext stealing (CTS), CFB, OFB, Counter (CTR)
Authenticated encryption modes CCM, GCM, EAX
Block ciphers padding schemes PKCS#5, PKCS#7, Zeros, One and zeros
Message authentication codes VMAC, HMAC, CMAC, CBC-MAC, DMAC, Two-Track-MAC
Cryptographic hash function SHA-1, SHA-2 (SHA-224, SHA-256, SHA-384, and SHA-512), Tiger, WHIRLPOOL, RIPEMD-128, RIPEMD-256, RIPEMD-160, RIPEMD-320
Password based key derivation functions PBKDF1 and PBKDF2 from PKCS #5, PBKDF from PKCS #12 appendix B
Public-key cryptography RSA, DSA, ElGamal, Nyberg-Rueppel (NR), Rabin-Williams (RW), LUC, LUCELG, DLIES (variants of DHAES), ESIGN
Padding schemes for public-key systems PKCS#1 v2.0, OAEP, PSS, PSSR, IEEE P1363 EMSA2 and EMSA5
Key agreement schemes Diffie-Hellman (DH), Unified Diffie-Hellman (DH2), Menezes-Qu-Vanstone (MQV), LUCDIF, XTR-DH
Elliptic curve cryptography ECDSA, ECNR, ECIES, ECDH, ECMQV
Secret Sharing Shamir's secret sharing scheme, Rabin's information dispersal algorithm (IDA)

The library also makes available primitives for number theoretic operations such as a fast multi-precision integers; prime number generation and verification; finite field arithmetic, including GF(p) and GF(2n); elliptical curves; and polynomial operations.

Furthermore, the library retains a collection of insecure or obsolescent algorithms for backward compatibility and historical value: MD2, MD4, MD5, Panama Hash, DES, ARC4, SEAL 3.0, WAKE, WAKE-OFB, DESX (DES-XEX3), RC2, SAFER, 3-WAY, GOST, SHARK, CAST-128, and Square.

Performance

In a 2007 ECRYPT workshop paper focusing on public key implementations of eight libraries, Ashraf Abusharekh and Kris Kaj found that "Crypto++ 5.1 [sic] leads in terms of support for cryptographic primitives and schemes, but is the slowest of all investigated libraries."[6]

In 2008, speed tests carried out by Timo Bingmann using seven open source security libraries with 15 block ciphers, Crypto++ 5.5.2 was the top performing library under two block ciphers, and did not rank below the average library performance under the remaining block ciphers.[7]

Crypto++ also includes an auto-benchmarking feature, available from the command line (cryptest.exe b), the results of which are available at Crypto++ 5.6.0 Benchmarks.[8]

As with many other cryptographic libraries available for 32-bit and 64-bit x86 architectures, Crypto++ includes assembly routines for AES using AES-NI. With AES-NI, AES performance improves dramatically: 128-bit AES/GCM throughput increases from approximately 28.0 cycles per byte to 3.5 cycles per byte.[9] [10] [11]

Version releases

Crypto++ 1.0 was released in June 1995. Since its initial release, the library has seen nearly two dozen revisions, including an architectural change in version 5.0.[12][13] There have been eight releases using the version 5.0 architecture as of August 2010.[14]

Crypto++ releases since version 5.0
Version Released Date
Crypto++ 5.0 September 11, 2002
Crypto++ 5.1 March 24, 2003
Crypto++ 5.2.1 July 21, 2004
Crypto++ 5.4 December 23, 2006
Crypto++ 5.5.1 May 25, 2007
Crypto++ 5.5.2 September 24, 2007
Crypto++ 5.6.0 March 15, 2009
Crypto++ 5.6.1 August 9, 2010

Lawrence Teo's compilation of previous Crypto++ releases dating back to 1995 can be found in the users group archives.[15]

FIPS compliance

Unlike OpenSSL, which encountered post-validation issues from closed-sourced, for-profit factions,[16] Crypto++ has received three Federal Information Processing Standard (FIPS) 140-2 Level 1 module validations with no post-validation issues.[17]

FIPS validated Crypto++ modules
Version Certificate Dates
Crypto++ 5.0.4 Certificate 343[18] 2003-09-05, 2005-10-28
Crypto++ 5.2.3 Certificate 562[19] 2005-07-29, 2005-08-24, 2005-10-28
Crypto++ 5.3.0 Certificate 819[20] 2007-08-13, 2007-08-17

Licensing

As of version 5.6.1, Crypto++ consists of only public domain files, with a compilation copyright and a single open source license for the compilation copyright:[21]

The License of Crypto++ is somewhat unusual amongst open source projects. A distinction is made between the library as a compilation (i.e., collection), which is copyrighted by Wei Dai, and the individual files in it, which are public domain.

The library is copyrighted as a compilation in order to place certain disclaimers (regarding warranty, export, and patents) in the license and to keep the attributions and public domain declarations intact when Crypto++ is distributed in source code form. The fact that individual files are public domain means that legally you can place code segments, entire files, or small sets of files (up to the limit set by fair use) into your own project and do anything you want with them without worrying about the copyright.

Crypto++ Website

See also

References

  1. ^
  2. ^ "Japan's First 128-bit Block Cipher 'Camellia' Approved as a New Standard Encryption Algorithm in the Internet". physorg.com. http://www.physorg.com/news5315.html. Retrieved 2010-08-12. 
  3. ^ A. Hartikainen, T. Toivanen, H. Kiljunen (2005). "Whirlpool hashing function". Secure Communications, Seminar Workshop. http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.98.6099&rep=rep1&type=pdf. Retrieved 2010-08-12. 
  4. ^ "Elliptic Curve Cryptography (ECC) Brainpool Standard Curves and Curve Generation". RFC 5639. IETF. 2009. http://tools.ietf.org/html/rfc5639. Retrieved 2010-08-08. 
  5. ^ "Crypto++ 5.6.0 Release Notes". Crypto++ Website. 2009. http://www.cryptopp.com/. Retrieved 2010-08-08. 
  6. ^ A. Abusharekh and K. Kaj (2007). "Comparative Analysis of Software Libraries for Public Key Cryptography". ECRYPT Workshop on Software Performance Enhancement for Encryption and Decryption. http://volgenau.gmu.edu/~kgaj/publications/conferences/GMU_SPEED_2007.pdf. Retrieved 2010-08-12. 
  7. ^ T. Bingmann (2008). "Speedtest and Comparison of Open-Source Cryptography Libraries and Compiler Flags". Timo Bingmann Weblog. http://idlebox.net/2008/0714-cryptography-speedtest-comparison/. Retrieved 2010-08-10. 
  8. ^ "Crypto++ 5.6.0 Benchmarks". Crypto++ Website. 2009. http://www.cryptopp.com/benchmarks.html. Retrieved 2010-08-10. 
  9. ^ P. Schmid and A. Roos (2010). "AES-NI Performance Analyzed". Tom's Hardware. http://www.tomshardware.com/reviews/clarkdale-aes-ni-encryption,2538.html. Retrieved 2010-08-10. 
  10. ^ T. Krovetz, W. Dai (2010). "Misdetection of MIPS endianness & How to get fast AES calls?". Crypto++ user group. http://groups.google.com/group/cryptopp-users/msg/a688203c2314ef08. Retrieved 2010-08-11. 
  11. ^ "Crypto++ 5.6.0 Pentium 4 Benchmarks". Crypto++ Website. 2009. http://www.cryptopp.com/benchmarks-p4.html. Retrieved 2010-08-10. 
  12. ^ Announcement (2002). "Crypto++ 5.0 beta available". Crypto++ Mailing List. http://groups.google.com/group/cryptopp-users/msg/fe8a49890c1d5484. Retrieved 2010-08-09. 
  13. ^ Announcement (2002). "Crypto++ 5.0 update". Crypto++ Mailing List. http://groups.google.com/group/cryptopp-users/browse_thread/thread/5eddbbd5fde32a33/eca9f6071d470d8c. Retrieved 2010-08-09. 
  14. ^ "Crypto++ Announcements List". Sourceforge.net. http://sourceforge.net/mailarchive/forum.php?forum_name=cryptopp-announce. Retrieved 2010-08-14. 
  15. ^ L. Teo (2002). "Release Dates of Previous Versions". Crypto++ Mailing List. http://groups.google.com/group/cryptopp-users/msg/c6d44b381c78a2bf. Retrieved 2010-08-09. 
  16. ^ "NIST recertifies open source encryption module". Government Computer News. 2007. http://gcn.com/articles/2007/02/16/nist-recertifies-open-source-encryption-module.aspx. Retrieved 2010-08-09. 
  17. ^ "Crypto++TM Library Versions 5.3.0 [32-bit and 64-bit] Security Policy". Cryptographic Module Validation Program (CMVP). 2007. http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp819.pdf. Retrieved 2010-08-08. 
  18. ^ "Validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules (2003)". Cryptographic Module Validation Program (CMVP). 2003. http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2003.htm#343. Retrieved 2010-08-08. 
  19. ^ "Validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules (2005)". Cryptographic Module Validation Program (CMVP). 2005. http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2005.htm#562. Retrieved 2010-08-08. 
  20. ^ "Validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules (2007)". Cryptographic Module Validation Program (CMVP). 2007. http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2007.htm#819. Retrieved 2010-08-08. 
  21. ^ "Compilation Copyright for Crypto++". Crypto++ Website. http://www.cryptopp.com/License.txt. Retrieved 2010-08-15. 

External links


Wikimedia Foundation. 2010.

Игры ⚽ Поможем сделать НИР

Look at other dictionaries:

  • Crypto AG — Website http://www.crypto.ch/ Crypto AG is a Swiss company specialising in communications and information security. With headquarters in Steinhausen, the company is a long established manufacturer of encryption machines and a wide variety of… …   Wikipedia

  • crypto- — ♦ Élément, du gr. kruptos « caché ». crypto élément, du gr. kruptos, caché . ⇒CRYPT(O) , (CRYPT , CRYPTO )élément préf. Élément préf. tiré du gr. « caché », entrant dans la compos. de nombreux termes composés sc., de bot. et d entomol. en partic …   Encyclopédie Universelle

  • Crypto AG — Crypto Site web http://www.crypto.ch/ …   Wikipédia en Français

  • Crypto AG — Rechtsform Aktiengesellschaft [1] Gründung 1952 Sitz Steinhausen, Schweiz Leitung Giuliano Otth ( …   Deutsch Wikipedia

  • CRYPTO — Cette page d’homonymie répertorie les différents sujets et articles partageant un même nom …   Wikipédia en Français

  • Crypto-1 — NXP Crypto 1 General Designers Philips/NXP First published October 6 2008 Cipher detail …   Wikipedia

  • Crypto-1 — Crypto 1  проприетарный алгоритм шифрования, созданный NXP Semiconductors для использования в RFID картах стандарта Mifare (Classic). Данный стандарт используется различными картами, в частности: социальной картой москвича, Oyster card,… …   Википедия

  • crypto — [kʀipto] n. ÉTYM. V. 1950; de crypto . ❖ ♦ Polit. Cryptocommuniste. 0 Ce Beigbeder n est pas si sot que de croire le président Truman homme à se décider sur l avis d un écrivain français, fût il prix Nobel, d un écrivain qui aurait pris ses… …   Encyclopédie Universelle

  • crypto- — before vowels crypt , combining element meaning secret or hidden, used in forming English words since at least 1760, from Gk. kryptos hidden, concealed, secret (the Gk. comb. form was krypho ). Crypto fascist is attested from 1937; crypto… …   Etymology dictionary

  • crypto- — [krıptəu, tə US tou, tə] prefix formal [: Modern Latin; Origin: Greek kryptos hidden , from kryptein to hide ] secret or hidden ▪ a crypto Communist …   Dictionary of contemporary English

Share the article and excerpts

Direct link
Do a right-click on the link above
and select “Copy Link”