[cryptography] concept
Hi all, I mentioned not a while ago that I am planning to write a boost cryptographic library. I am getting there. We have template classes that implement a certain interface (not virtual functions). These classes are: secure_allocator: An allocator which removes the buffers allocated when they are destructed by overwriting them. block_cipher: Any class that could set a key and encrypt/decrypt a constant size of message. (I have included AES, Serpent, Twofish and MARS, however, we could always add more algorithms) stream_cipher: By definition stream_cipher is a cipher that could process messages of any length. hash_function: Is a class that could compute a cryptographically secure hash signature for an arbitrarily long messages. (I have added whirlpool and will be adding more). wipe_algorithm: An algorithm that provides the patterns of wipe for a given pass and fills a given buffer with patterns (It needs to have a prng template to be used on random patterns). By using a mode of operation we could turn the concept of block_cipher into a stream_cipher. For example cryptolib::ctr<cryptolib::aes> is a stream_cipher concept. I have implemented ictr, ctr and will be implementing XTS, LRW soon. classes: cryptolib::entropy_poll<cryptolib::hash_function>: A class that polls random data and mixes the data using a hash function. cryptolib::entropy_thread<cryptolib::entropy_poll>: Calling the polling function of the entropy_poll at "random" but regulated intervals using boost::thread library. cryptolib::crypto_istream<cryptolib::stream_cipher>: cryptolib::crypto_ostream<cryptolib::stream_cipher>: cryptolib::crypto_oistream<cryptolib::stream_cipher>: classes that behave similar to 'std' iostream ,however, they seamlessly encrypt/decrypt the data as they operate. cryptolib::wipe_fstream<cryptolib::wipe_algorithm>: Wipes the file using the patterns by the template wipe algorithm. This class would determine the cluster size and wipe the entire cluster occupied by the file (this is platform specific, so we need to implement the algorithm for different platforms). finally we have the cryptolib::crypto_fstream that could be given a direction (i.e. encryption or decryption) and will operate seamlessly on the data. What do you think? Anything that I am missing on? Best regards Kasra __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
On Sun, 19 Oct 2008 12:00:19 -0700 (PDT), "Kasra Nassiri\(Math & ComSci\)" <kasra_n500@yahoo.com> wrote:
What do you think? Anything that I am missing on?
Asymmetric ciphers. Also, I think cipher streams should be implemented at the stream buffer (or boost.iostream filter) level. Sebastian
hi all can I use boost lib in commercial SW? Regards, zhou rui
can I use boost lib in commercial SW?
If your legal advisers will let you ;-) http://www.boost.org/users/license.html will help them decide. But in a word - yes. Paul --- Paul A Bristow Prizet Farmhouse, Kendal, Cumbria UK LA8 8AB +44 1539561830 & SMS, Mobile +44 7714 330204 & SMS pbristow@hetp.u-net.com
The linked page (http://www.boost.org/users/license.html) says "Currently, some Boost libraries have their own licenses." Is this still true? -----Original Message----- From: boost-bounces@lists.boost.org [mailto:boost-bounces@lists.boost.org] On Behalf Of Paul A Bristow Sent: Dienstag, 21. Oktober 2008 10:41 To: boost@lists.boost.org Subject: Re: [boost] [license]
can I use boost lib in commercial SW?
If your legal advisers will let you ;-) http://www.boost.org/users/license.html will help them decide. But in a word - yes. Paul --- Paul A Bristow Prizet Farmhouse, Kendal, Cumbria UK LA8 8AB +44 1539561830 & SMS, Mobile +44 7714 330204 & SMS pbristow@hetp.u-net.com _______________________________________________ Unsubscribe & other changes: http://lists.boost.org/mailman/listinfo.cgi/boost
Paul A Bristow wrote:
can I use boost lib in commercial SW?
Thomas Klimpel wrote:
The linked page (http://www.boost.org/users/license.html) says "Currently, >some Boost libraries have their own licenses." Is this still true?
I don't know about other libraries but GIL comes with the standard Boost license. You can use it in commercial code. http://www.boost.org/users/license.html Lubomir
Kasra Nassiri(Math & ComSci) escreveu:
What do you think? Anything that I am missing on?
The concept of a cryptographic token. I have in the past also considered what would be a generic cryptographic library; I agree with the general approach of searching for the concepts modelled by cryptographic primitives but feel no truly useful cryptographic library can leave out hardware support. Even though OpenSSL doesn't have official hardware support and is actually widely used, I have personally never used it in a full product exactly because it lacks support for keys stored in hardware. For this reason, I feel a complete generic cryptographic library must at the very least fulfill the use cases possible with the PKCS #11 interface, if it won't be a wrapper for this interface. This means the library must be implementable as front-end to a PKCS #11 driver. Maybe a design based on "policy classes" would satisfy this requirement. Also, I can contribute to this project a generic PBKDF2 I have lying around here somewhere. -- P.
participants (7)
-
jon_zhou@agilent.com -
Kasra Nassiri(Math & ComSci) -
Lubomir Bourdev -
Paul A Bristow -
Pedro Lamarão -
Sebastian Redl -
Thomas Klimpel