[minion-cvs] Addressed another flaw in the lioness key schedule. Ad...
Update of /home/minion/cvsroot/src/minion/lib/mixminion
In directory moria.seul.org:/tmp/cvs-serv9797/minion/lib/mixminion
Modified Files:
Crypto.py Formats.py test.py
Log Message:
Addressed another flaw in the lioness key schedule. Added explicit description of SPRP_ENCRYPT.
Index: Crypto.py
===================================================================
RCS file: /home/minion/cvsroot/src/minion/lib/mixminion/Crypto.py,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- Crypto.py 29 May 2002 17:46:23 -0000 1.2
+++ Crypto.py 29 May 2002 18:54:43 -0000 1.3
@@ -72,7 +72,7 @@
assert len(key) == 4
key1,key2,key3,key4 = key
assert len(key1)==len(key3)==20
- assert len(key2)==len(key4)==16
+ assert len(key2)==len(key4)==20
assert len(s) > 20
left = s[:20]
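Review bot: The subkey length checks here are `assert` statements, which Python drops under `-O`, and after this commit nothing else enforces them, because all four subkeys are only fed to `sha1` and keys of any length will run. A short or empty subkey would then be accepted silently. An explicit check such as `if not (len(key1)==len(key2)==len(key3)==len(key4)==20): raise ValueError("LIONESS subkeys must be 20 bytes")` keeps the guarantee in optimized runs. The same applies to the matching asserts in the lioness_decrypt hunk. The enclosing function starts above this hunk.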
@@ -81,12 +81,10 @@
# Performance note: This business with sha1("".join([key,right,key]))
# may look slow, but it contributes only a 6% to the hashing step,
# which in turn contributes under 11% of the time for LIONESS.
-
- #XXXX This slice makes me nervous
- right = ctr_crypt(right, _ml.strxor(left,key1)[:16])
- left = _ml.strxor(left, _ml.sha1("".join([key2,right,key2])))
- right = ctr_crypt(right, _ml.strxor(left,key3)[:16])
- left = _ml.strxor(left, _ml.sha1("".join([key4,right,key4])))
+ right = ctr_crypt(right, _ml.sha1("".join([key1,left,key1]))[:16])
+ left = _ml.strxor(left, _ml.sha1("".join([key2,right,key2])))
+ right = ctr_crypt(right, _ml.sha1("".join([key3,left,key3]))[:16])
+ left = _ml.strxor(left, _ml.sha1("".join([key4,right,key4])))
return left + right
def lioness_decrypt(s,key):
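Review bot: The stream-cipher key in both `ctr_crypt` lines is cut from the SHA-1 digest with a literal `[:16]`, and the comment that used to flag the slice is deleted without a replacement that says why the truncation is intended. The key-schedule code removed elsewhere in this commit used `AES_KEY_LEN`; if that constant is still defined in Crypto.py, `_ml.sha1("".join([key1,left,key1]))[:AES_KEY_LEN]` ties the key size to the cipher. A comment such as `# CTR key = first AES_KEY_LEN bytes of SHA1(K1 | left | K1)` would document the construction. The same literal appears twice in the lioness_decrypt hunk. The function body begins above this hunk.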
@@ -98,17 +96,17 @@
assert len(key) == 4
key1,key2,key3,key4 = key
assert len(key1)==len(key3)==20
- assert len(key2)==len(key4)==16
+ assert len(key2)==len(key4)==20
assert len(s) > 20
left = s[:20]
right = s[20:]
del s
#XXXX This slice makes me nervous
- left = _ml.strxor(left, _ml.sha1("".join([key4,right,key4])))
- right = ctr_crypt(right, _ml.strxor(left, key3)[:16])
- left = _ml.strxor(left, _ml.sha1("".join([key2,right,key2])))
- right = ctr_crypt(right, _ml.strxor(left, key1)[:16])
+ left = _ml.strxor(left, _ml.sha1("".join([key4,right,key4])))
+ right = ctr_crypt(right, _ml.sha1("".join([key3,left,key3]))[:16])
+ left = _ml.strxor(left, _ml.sha1("".join([key2,right,key2])))
+ right = ctr_crypt(right, _ml.sha1("".join([key1,left,key1]))[:16])
return left + right
def openssl_seed(count):
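Review bot: The context line `#XXXX This slice makes me nervous` is still present above the rewritten rounds in lioness_decrypt, although this commit removes the same marker from lioness_encrypt. Either delete it here too, or replace it with a comment stating what the four lines do, for example `# Inverse of lioness_encrypt: same four rounds, applied with key4..key1`. A marker left on one side only suggests the two functions differ in some way that still needs review. The function body begins above this hunk.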
@@ -210,10 +208,11 @@
Returns a set of 4 lioness keys, as described in the Mixminion
specification."""
+ z19="\x00"*19
key1 = sha1(self.master+mode)
- key3 = key1[:-1]+_ml.strxor(key1[-1],"\x02")
- key2 = key1[:AES_KEY_LEN-1] + _ml.strxor(key1[AES_KEY_LEN-1], "\x01")
- key4 = key1[:AES_KEY_LEN-1] + _ml.strxor(key1[AES_KEY_LEN-1], "\x03")
+ key2 = _ml.strxor(sha1(self.master+mode), z19+"\x01")
+ key3 = _ml.strxor(sha1(self.master+mode), z19+"\x02")
+ key4 = _ml.strxor(sha1(self.master+mode), z19+"\x03")
return (key1, key2, key3, key4)
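Review bot: key2, key3 and key4 each recompute `sha1(self.master+mode)` even though key1 already holds that digest. `key2 = _ml.strxor(key1, z19+"\x01")`, and likewise for key3 and key4, gives the same values with a single hash of the master secret. `z19` hard-codes the SHA-1 digest length minus one, so a comment such as `# subkeys differ from key1 only in the low bits of the last digest byte` would make the constant and the relationship between the keys explicit. The method signature is outside this hunk.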
Index: Formats.py
===================================================================
RCS file: /home/minion/cvsroot/src/minion/lib/mixminion/Formats.py,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -d -r1.1 -r1.2
--- Formats.py 29 May 2002 03:52:13 -0000 1.1
+++ Formats.py 29 May 2002 18:54:43 -0000 1.2
@@ -100,8 +100,10 @@
def __getslice__(self, i, j):
"""header[i] -> str
- Returns a slice of the i-j'th subheaders of this header,
- for 0 <= i <= j <= 16"""
+ Returns a slice of the i-j'th subheaders of this header."""
+ if j > 16: j = 16
+ if i < 0: i=16+i
+ if j < 0: j=16-j
return self.contents[i*ENC_SUBHEADER_LEN:
j*ENC_SUBHEADER_LEN]
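Review bot: The new negative-index handling for `j` has the wrong sign: `if j < 0: j=16-j` turns -1 into 17, so `header[0:-1]` returns all sixteen subheaders instead of the first fifteen. It should mirror the line for `i`, `if j < 0: j = 16 + j`. The `j > 16` clamp also runs before that adjustment, and `i` is not clamped, so an `i` below -16 stays negative and is then multiplied by `ENC_SUBHEADER_LEN`. If the class defines `__len__`, Python 2 has already added the length to negative indices before calling `__getslice__`, which is worth checking before adjusting them a second time. The docstring's first line still reads `header[i] -> str` and should be `header[i:j] -> str`.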
Index: test.py
===================================================================
RCS file: /home/minion/cvsroot/src/minion/lib/mixminion/test.py,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- test.py 29 May 2002 17:46:23 -0000 1.2
+++ test.py 29 May 2002 18:54:43 -0000 1.3
@@ -113,7 +113,7 @@
# Too short
self.failUnlessRaises(_ml.SSLError,_ml.rsa_crypt,p,"X",1,1)
# Too long
- self.failUnlessRaises(_ml.SSLError,_ml.rsa_crypt,p,x+"XXX",1,1)
+ self.failUnlessRaises(_ml.SSLError,_ml.rsa_crypt,p,x+"ZZZ",1,1)
padhello = _ml.add_oaep_padding("Hello", "B", 128)
for public in (0,1):
@@ -195,7 +195,7 @@
def test_lioness(self):
enc = lioness_encrypt
dec = lioness_decrypt
- key = ("ABCDE"*4, "ABCD"*4, "VWXYZ"*4, "WXYZ"*4)
+ key = ("ABCDE"*4,) *4
plain = mixminion.Crypto.OAEP_PARAMETER*100
self.assertNotEquals(plain, enc(plain,key))
self.assertNotEquals(plain, dec(plain,key))
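Review bot: With `key = ("ABCDE"*4,) *4` all four subkeys are the same string, so the round-trip assertions in this test would still pass if lioness_encrypt and lioness_decrypt used the subkeys in mismatched order. Four distinct 20-byte values, for example `key = ("ABCDE"*4, "FGHIJ"*4, "KLMNO"*4, "PQRST"*4)`, make the test sensitive to the key order that this commit rewrites. The test method continues past the end of this hunk.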
@@ -203,6 +203,7 @@
self.assertEquals(len(plain), len(dec(plain,key)))
self.assertEquals(plain, dec(enc(plain,key),key))
self.assertEquals(plain, enc(dec(plain,key),key))
+
#XXXX check for correct values
def test_keyset(self):
@@ -212,10 +213,10 @@
eq = self.assertEquals
eq(s("aFoo")[:10], k.get("Foo",10))
eq(s("aBar")[:16], k.get("Bar"))
- z15 = "\x00"*15
+
z19 = "\x00"*19
- eq( (s("aBaz"), x(s("aBaz")[:16], z15+"\x01"),
- x(s("aBaz"),z19+"\x02"), x(s("aBaz")[:16], z15+"\x03") ),
+ eq( (s("aBaz"), x(s("aBaz"), z19+"\x01"),
+ x(s("aBaz"),z19+"\x02"), x(s("aBaz"), z19+"\x03") ),
k.getLionessKeys("Baz"))
def test_aesprng(self):