Standards compliance

Blowfish

Blowfish has been implemented as per:

"Description of a New Variable-Length Key, 64-bit Block Cipher (Blowfish)", Bruce Schneier, "Fast Software Encryption", Lecture Notes in Computer Science No. 809, Springer-Verlag 1994.

The Blowfish modes of operation are given in:

ISO/IEC 8372, "Information Technology - Modes of Operation for a 64-bit Block Cipher Algorithm".

The Blowfish code has been validated against the Blowfish reference implementation test vectors.


CAST-128

CAST has been implemented as per:

RFC 2144, "The CAST-128 Encryption Algorithm", Carlisle Adams, May 1997.

The CAST-128 code has been validated against the RFC 2144 test vectors.


DES

DES has been implemented as per:

ANSI X3.92, "American National Standard, Data Encryption Algorithm", 1981.

FIPS PUB 46-2, "Data Encryption Standard", 1994.

FIPS PUB 74, "Guidelines for Implementing and Using the NBS Data Encryption Standard", 1981.

ISO/IEC 8731:1987, "Banking - Approved Algorithms for Message Authentication - Part 1: Data Encryption Algorithm (DEA)".

The DES modes of operation are given in:

ANSI X3.106, "American National Standard, Information Systems - Data Encryption Algorithm - Modes of Operation", 1983.

FIPS PUB 81, "DES Modes of Operation", 1980.

ISO/IEC 8372, "Information Technology - Modes of Operation for a 64-bit Block Cipher Algorithm".

The DES code has been validated against the test vectors given in:

NIST Special Publication 500-20, "Validating the Correctness of Hardware Implementations of the NBS Data Encryption Standard".


Triple DES

Triple DES has been implemented as per:

ANSI X9.17, "American National Standard, Financial Institution Key Management (Wholesale)", 1985.

ISO/IEC 8732:1987, "Banking - Key Management (Wholesale)".

The triple DES modes of operation are given in:

ISO/IEC 8372, "Information Technology - Modes of Operation for a 64-bit Block Cipher Algorithm".


Diffie-Hellman

DH has been implemented as per:

PKCS #3, "Diffie-Hellman Key Agreement Standard", 1991.


DSA

DSA has been implemented as per:

ANSI X9.30-1, "American National Standard, Public-Key Cryptography Using Irreversible Algorithms for the Financial Services Industry", 1993.

FIPS PUB 186, "Digital Signature Standard", 1994.

The DSA code has been validated against the FIPS 186 test vectors.


HMAC-MD5

HMAC-MD5 has been implemented as per:

RFC 2104, "HMAC: Keyed-Hashing for Message Authentication", Hugo Krawczyk, Mihir Bellare, and Ran Canetti, February 1997.

The HMAC-MD5 code has been validated against the test vectors given in:

"Test Cases for HMAC-MD5 and HMAC-SHA-1", Pau-Chen Cheng and Robert Glenn, March 1997.


HMAC-SHA1

HMAC-SHA1 has been implemented as per:

RFC 2104, "HMAC: Keyed-Hashing for Message Authentication", Hugo Krawczyk, Mihir Bellare, and Ran Canetti, February 1997.

The HMAC-SHA1 code has been validated against the test vectors given in:

"Test Cases for HMAC-MD5 and HMAC-SHA-1", Pau-Chen Cheng and Robert Glenn, March 1997.


IDEA

IDEA has been implemented as per:

"Device for the Conversion of a Digital Block and the Use Thereof", James Massey and Xuejia Lai, International Patent PCT/CH91/00117, 1991.

"Device for the Conversion of a Digital Block and Use of Same", James Massey and Xuejia Lai, US Patent #5,214,703, 1993.

"On the Design and Security of Block Ciphers", Xuejia Lai, ETH Series in Information Processing, Vol.1, Hartung-Gorre Verlag, 1992.

ISO/IEC 9979, "Data Cryptographic Techniques - Procedures for the Registration of Cryptographic Algorithms".

The IDEA modes of operation are given in:

ISO/IEC 8372, "Information Technology - Modes of Operation for a 64-bit Block Cipher Algorithm".

The IDEA code has been validated against the ETH reference implementation test vectors.


MD2

MD2 has been implemented as per:

RFC 1319, "The MD2 Message Digest Algorithm", Burt Kaliski, 1992.

The MD2 code has been validated against the RFC 1319 reference implementation test vectors.


MD4

MD4 has been implemented as per:

RFC 1320, "The MD4 Message Digest Algorithm", Ronald Rivest, 1992.

The MD4 code has been validated against the RFC 1320 reference implementation test vectors.


MD5

MD5 has been implemented as per:

RFC 1321, "The MD5 Message Digest Algorithm", Ronald Rivest, 1992.

The MD5 code has been validated against the RFC 1321 reference implementation test vectors.


MDC-2

MDC-2 has been implemented as per:

ISO/IEC 10118-2, "Information Technology - Security Techniques - Hash functions, Part 2: Hash functions using an n-bit block cipher algorithm", 1994.

The MDC-2 code has been validated against the MDC-2 reference implementation test vectors.


RSA

The RSA code is implemented as per:

ANSI X9.31-1, "American National Standard, Public-Key Cryptography Using Reversible Algorithms for the Financial Services Industry", 1993.

PKCS #1, "RSA Encryption Standard", 1991.

ISO/IEC 9594-8/ITU-T X.509, "Information Technology - Open Systems Interconnection - The Directory: Authentication Framework".


RC2

The RC2 code is implemented as per:

"The RC2 Encryption Algorithm", Ronald Rivest, RSA Data Security Inc, 1992.

The RC2 modes of operation are given in:

ISO/IEC 8372, "Information Technology - Modes of Operation for a 64-bit Block Cipher Algorithm".

The RC2 code has been validated against RSADSI BSAFE test vectors.


RC4

The RC4 code is implemented as per:

"The RC4 Encryption Algorithm", Ronald Rivest, RSA Data Security Inc, 1992.

The RC4 code has been validated against RSADSI BSAFE test vectors.


RC5

The RC5 code is implemented as per:

"The RC5 Encryption Algorithm", Ronald Rivest, "Fast Software Encryption II", Lecture Notes in Computer Science No. 1008, Springer-Verlag 1995.

The RC5 modes of operation are given in:

ISO/IEC 8372, "Information Technology - Modes of Operation for a 64-bit Block Cipher Algorithm".

The RC5 code has been validated against the RC5 reference implementation test vectors.


RIPEMD-160

The RIPEMD-160 code has been implemented as per:

"RIPEMD-160: A strengthened version of RIPEMD", Hans Dobbertin, Antoon Bosselaers, and Bart Preneel, "Fast Software Encryption III", Lecture Notes in Computer Science No.1008, Springer-Verlag 1995.

ISO/IEC 10118-3, "Information Technology - Security Techniques - Hash functions, Part 3: Dedicated hash functions", 1997.

The RIPEMD-160 code has been validated against the RIPEMD-160 reference implementation test vectors.


SHA/SHA1

The SHA code has been implemented as per:

ANSI X9.30-2, "American National Standard, Public-Key Cryptography Using Irreversible Algorithms for the Financial Services Industry", 1993.

ISO/IEC 10118-3, "Information Technology - Security Techniques - Hash functions, Part 3: Dedicated hash functions", 1997.

FIPS PUB 180, "Secure Hash Standard", 1993.

FIPS PUB 180-1, "Secure Hash Standard", 1994.

The SHA code has been validated against the test vectors given in:

FIPS PUB 180, "Secure Hash Standard", 1993.

The SHA1 code has been validated against the test vectors given in:

FIPS PUB 180-1, "Secure Hash Standard", 1994.


Safer/Safer-SK

The Safer code has been implemented as per:

"SAFER K-64: A Byte-Oriented Block-Ciphering Algorithm", James L. Massey, "Fast Software Encryption", Lecture Notes in Computer Science No. 809, Springer-Verlag 1994.

The Safer-SK code has been implemented as per:

"SAFER K-64: One Year Later", James L. Massey, "Fast Software Encryption II", Lecture Notes in Computer Science No. 1008, Springer-Verlag 1995.

The Safer/Safer-SK modes of operation are given in:

ISO/IEC 8372, "Information Technology - Modes of Operation for a 64-bit Block Cipher Algorithm".

The Safer/Safer-SK code has been validated against the ETH reference implementation test vectors.


Data Structures

All message exchange data structures are specified as per:

ISO/IEC 8824-1:1993/ITU-T X.680, "Information Technology - Open Systems Interconnection - Abstract Syntax Notation One (ASN.1) - Part 1: Specification of Basic Notation".

The encoding is as per:

ISO/IEC 8825-3:1993/ITU-T X.692, "Information Technology - Open Systems Interconnection - Specification of ASN.1 Encoding Rules - Part 3: Distinguished Canonical Encoding Rules".

The ASN.1 specifications for the message structures are given in the file cryptlib.asn.


General

The encryption subsystem has been implemented at a level equivalent to level 1 of the standard given in:

FIPS PUB 140-1, "Security Requirements for Cryptographic Modules", 1993.

The random-data acquisition routines follow the guidelines laid out in:

"Randomness Recommendations for Security", RFC 1750, Donald Eastlake, Stephen Crocker, and Jeffrey Schiller, December 1994.

"Cryptographic Random Numbers", IEEE P1363 Appendix E, Draft version 1.0, 11 November 1995.


cryptlib Information / Peter Gutmann / pgut001@cs.auckland.ac.nz
Information last updated 18 May 1998