crypto_cipher.md 4.7 KB
id: crypto.cipher title: Crypto.Cipher
sidebar_label: Introduction
Supported Ciphers
| Name | Block Size (bytes) | Key Range (bytes) | Rounds |
|---|---|---|---|
| Crypto.BlowfishCipher | 8 | 8 ... 56 | 16 |
| Crypto.TeaCipher | 8 | 16 | 32 |
| Crypto.XteaCipher | 8 | 16 | 32 |
| Crypto.AESCipher | 16 | 16, 24, 32 | 10, 12, 14 |
| Crypto.TwofishCipher | 16 | 16, 24, 32 | 16 |
| Crypto.DESCipher | 8 | 8 | 16 |
| 3DES (EDE mode) (See Crypto.DESCipher) | 8 | 16, 24 | 16 |
| Crypto.Cast5Cipher | 8 | 5 ... 16 | 12, 16 |
| Crypto.NoekeonCipher | 16 | 16 | 16 |
| Crypto.SkipjackCipher | 8 | 10 | 32 |
| Crypto.AnubisCipher | 16 | 16 ... 40 | 12 ... 18 |
| Crypto.KhazadCipher | 8 | 16 | 8 |
| Crypto.KSEEDCipher | 16 | 16 | 16 |
| Crypto.KASUMICipher | 8 | 16 | 8 |
| Crypto.CamelliaCipher | 16 | 16, 24, 32 | 18, 24 |
| Crypto.IDEACipher | 8 | 16 | 8 |
| Crypto.SerpentCipher | 16 | 16, 24, 32 | 32 |
Key sizes and Number of Rounds
As a general rule of thumb, do not use symmetric keys under 80 bits if you can help it.
Only a few of the ciphers support smaller keys (mainly for test vectors anyways).
Ideally, your application should be making at least 256 bit keys. This is not because you are to be paranoid.
It is because if your PRNG has a bias of any sort the more bits the better.
For example, if you have Pr[X = 1] = 1/2 ±γ where |γ| > 0 then the total amount of entropy in N bits is N·−log^2 (1/2 +|γ|).
So if γ were 0.25 (a severe bias) a 256-bit string would have about 106 bits of entropy whereas a 128-bit string would have only 53 bits of entropy.
The number of rounds of most ciphers is not an option you can change. Only RC5 allows you to change the number of rounds. By passing zero as the number of rounds all ciphers will use their default number of rounds. Generally the ciphers are configured such that the default number of rounds provide adequate security for the given block and key size.
Types
| Type | Description |
|---|---|
| TCipher | Cipher base type. |
| TCipherMode | Base type for cipher chaining modes. |
Methods
Method BlockSize:Int() Abstract
The block size for this cipher.
Method Setup:Int(key:String, rounds:Int = 0) Abstract
Sets up the cipher to be used with a given number of rounds and a given key.
Method Setup:Int(key:Byte[], rounds:Int = 0) Abstract
Sets up the cipher to be used with a given number of rounds and a given key.
Method Setup:Int(key:Byte Ptr, keylen:Int, rounds:Int = 0) Abstract
Sets up the cipher to be used with a given number of rounds and a given key length.
Method Encrypt:Int(pt:Byte Ptr, ct:Byte Ptr) Abstract
Encrypts a single block of text, pt, storing the result in the ct buffer.
It is possible that the input and output buffer are the same buffer. The size of the block can be determined with BlockSize.
Method Decrypt:Int(ct:Byte Ptr, pt:Byte Ptr) Abstract
Decrypts a single block of text, ct, storing the result in the pt buffer.
It is possible that the input and output buffer are the same buffer. The size of the block can be determined with BlockSize.
Functions
Function GetCipher:TCipher(name:String)
Gets a cipher of the specified name.
A TNoSuchAlgorithmException is thrown if the requested cipher is not available.
Function GetBlockCipher:TBlockCipher(name:String)
Gets a block cipher of the specified name.
A TNoSuchAlgorithmException is thrown if the requested block cipher is not available.
Function GetStreamCipher:TStreamCipher(name:String)
Gets a stream cipher of the specified name.
A TNoSuchAlgorithmException is thrown if the requested stream cipher is not available.