密码类库Crypto++™ Library 5.1的研究与应用
在计算机被广泛应用的信息时代,信息本身就是时间,就是财富。大量信息用数据形式存放在计算机系统里。信息的传输则通过公共信道。这些计算机系统和公共信道是不设防的,是很脆弱的,容易受到攻击和破坏,信息的丢失不容易被发现,而且后果是极其严重。如何保护信息的安全已不仅仅是军事和政府部门感兴趣的问题,其他企事业单位也愈感迫切。因为在网络化的今天,计算机犯罪每年使他们遭受的损失极其巨大,而且还在发展中。密码是有效而且可行的保护信息安全的办法。随着计算机网络不断渗透到各个领域,密码学的应用也随着扩大。数字签名、身份鉴别、等都是由密码学派生出来的新技术和应用。目前开放源代码的加密库中,密码类库Crypto++是比较流行的,目前的最高版本为Crypto++™ Library 5.1,它实现了各种公开密钥算法、对称加密算法、数字签名算法、信息摘要算法以及其相关的其它算法等等,Crypto++™ Library 5.1几乎包括了目前所有安全算法库,对密码类库Crypto++™ Library 5.1的研究与应用对计算机网络安全的研究与发展有重大的实际意义。
(一)Crypto++™ Library 5.1要求的密码知识
Crypto++™ Library 5.1要求什么样的密码知识基础呢,很多初学者都想知道这个问题。然而当你提出一个基础的问题在别处找到答案,你会发现这对你没有多大用处,因为越来越多熟练使用这个类库包的人不仅仅是考虑挑战安全问题。
该密码库的建立是假设你对密码术语已经有一定的了解的基础上的,如果你已经达到这一点,你可以进行一些比较基础的研究,到那时你会发现即使在最有利的情况下建立一个安全体系也是很困难的。如果你可以克服这些困难去研究这方面知识,你可以从一些网站获得比较专业的帮助。
Crypto++库包含有大量的算法,但是它们对用户来说并不总是显而易见的,下面推荐一些算法,因为这些算法不但用得很广,而且被公认比较安全的,并且是免费的。
1、 分组密码:DES-EDE3, Blowfish, Rijndael
2、 序列密码:
3、 Hash函数:SHA1
4、 消息认证码: HMAC/SHA1
5、 公钥加密:RSA/OAEP/SHA1
6、 签名:RSA/PKCS1v15/SHA1, DSA, Generalized-DSA/SHA1
7、 密钥协议:DH
8、 随机数产生器:RandomPool, AutoSeededRandomPool
(二)密码类库Crypto++™ Library 5.1的内容
Crypto++ 库是一个用c++ 编写的密码类库,是一个自由软件。Crypto++™ Library 5.1于2003年3月22日发布,是目前最高的版本,该版本加入了除了作者Wei Dai以外的另外一些作者的代码重新包装成类,类库里主要包含下列的内容:
1、 用抽象类定义API类的继承层次
2、 高级加密标准AES(Advanced Encryption Standard) Rijndael和AES候选算法:RC6, MARS, Twofish, Serpent, CAST-256
1997年4月15日美国国家标准技术研究所NIST发起征集高级加密标准AES算法的活动,目的是为确定一个安全性能更好的分组密码算法用于取代DES,AES的基本要求是比三重DES快并且至少与DES一样安全,分组长度为128位,密钥长度为128位,192位或256位.2001年11月26日,NIST正式公布高级加密标准AES, AES的安全性能是良好的,经过多年来的分析和测试,至今没有发现AES的明显缺点,也没有找到明显的安全漏洞. AES能够抵抗目前已知的各种攻击方法的攻击。
3、 对称分组密码:IDEA, DES, Triple-DES (DES-EDE2 and DES-EDE3), DESX (DES-XEX3), RC2, RC5, Blowfish, Diamond2, TEA, SAFER, 3-WAY, GOST, SHARK, CAST-128, Square, Skipjack。
分组密码又称为秘密钥密码或对称密码。利用分组密码对明文进行加密时,首先需要对明文进行分组,每组的长度都相同,然后对每组明文分别加密得到等长的密文,分组密码的特点是加密密钥与解密密钥相同。分组密码的安全性应该主要依赖于密钥,而不依赖于对加密算法和解密算法的保密。因此,分组密码的加密和解密算法可以公开。
4、 一般的密码模式:ECB, CBC, CBC ciphertext stealing (CTS), CFB, OFB, counter mode (CTR) 。
电子密本(ECB), 密码分组链接(CBC),输出反馈(OFB)和密文反馈(CFB)
5、 序列密码:Panama, ARC4, SEAL, WAKE, WAKE-OFB, BlumBlumShub
序列密码可以认为是起源于20世纪20年代的Vernam体系,当Vernam体制中的密钥序列是随机的(0,1)时,他就是“一次一密“密码体制。Shannon已经证明了“一次一密“密码体制在理论上是不可破译的。由于随机的密钥序列产生、存储以及分配等方面存在一定的困难,Vernam体制在当时并没有得到广泛的应用。随着微电子技术和数学理论的发展与完善,基于伪随机序列的序列密码得到了长足的发展和应用。在序列密码中,加密和解密所用的密钥都是伪随机序列,伪随机序列的产生比较容易并且有比较成熟的数学理论工具,目前,序列密码是 世界各国的军事和外交等领域中使用的主要密码体制之一。
6、 公钥密码: RSA, DSA, ElGamal, Nyberg-Rueppel (NR), Rabin, Rabin-Williams (RW), LUC, LUCELG, DLIES (variants of DHAES), ESIGN
在公钥密码体制中加秘密钥和解密密钥是不一样的,加密密钥可以公开传播而不危及密码体制的安全性。
RSA公钥密码体制的安全性是基于大整数的素分解问题的难解性,
7、公钥密码系统补丁:PKCS#1 v2.0, OAEP, PSSR, IEEE P1363 EMSA2
8、密钥协商方案:Diffie-Hellman (DH), Unified Diffie-Hellman (DH2), Menezes-Qu-Vanstone (MQV), LUCDIF, XTR-DH
9、椭圆曲线密码:ECDSA, ECNR, ECIES, ECDH, ECMQV
9、 单向hash函数:
hash函数是一种将一种任意长度的消息(message)压缩为某一固定长度的消息摘要(message digest)的函数。hash函数可以用于数字签名和消息的完整性检测。
SHA-1,:
安全hash算法SHA
MD2, MD4, MD5, HAVAL, RIPEMD-160, Tiger, SHA-2 (SHA-256, SHA-384, and SHA-512), Panama
11、消息认证码(MAC):MD5-MAC, HMAC, XOR-MAC, CBC-MAC, DMAC
12、基于密码结构的Hash函数:Luby-Rackoff, MDC
13、伪随机数发生器(PRNG): ANSI X9.17 appendix C, PGP's RandPool
14、password based key derivation functions:PBKDF1 and PBKDF2 from PKCS #5
15、压缩和解压算法
16、大整数和多项式快速精确算法
17、有限范围内的算法包括GF(p) 和 GF(2^n)
18、素数的产生和验证
等等。
(三)密码类库Crypto++™ Library 5.1的开发过程
Crypto++密码类库自从发布以来,作为一个自由软件,得到广大开发者的支持,吸收了很多优秀的算法和原代码,一直在不断的在完善和扩大,适应了各种常用的操作系统和编译平台。
(四)密码类库Crypto++™ Library 5.1的编译平台
Crypto++™ Library 5.1 支持多种操作系统和各种各样的编译平台,但是对于有些操作系统下的一些编译平台要添加一定的补丁,下面我们就把一些常用的操作系统和编译平台的编译情况列出来如下:
| 开发环境 | 操作系统 | 编译Crypto++ 4.2 | 编译Crypto++ 5.0 | 编译Crypto++ 5.1 | |
| MSVC 6.0 SP5 | WIN32 | 可直接编译 | 可直接编译 | ||
| MSVC .NET 2002 | WIN32 | 可直接编译 | |||
| MSVC .NET 2003 | WIN32 | 没有测试 | 要有效的补丁 | ||
| Borland C++Builder 6 | WIN32 | 没有测试 | |||
| GCC 2.95.2 | UNIX/WIN32/BeOS/ | 可直接编译 | |||
| GCC 3.2 | UNIX/WIN32/BeOS | 要有效的补丁 | 可直接编译 | ||
| Apple GCC 932.1 (2.95.2) | MacOS X (Darwin) | 要有效的补丁 | 要有效的补丁 | 可直接编译 | |
| Apple GCC 1161 (3.1) | 没有测试 | ||||
| CodeWarrior Pro 6.1 | MacOS/WIN32 | 需要有效的工程文件可直接编译 | 没有测试 |
| |
| CodeWarrior Pro 8.2 | 没有测试 |
| 需要有效的工程文件 |
| |
| Sun WorkShop 6, Forte C++ | Solaris | 没有测试 | 没有测试 |
| |
(五)密码类库Crypto++™ Library 5.1的类库分析
密码库是用了高层的c++特征,如模板,多重继承和异常等一流的强有力的工具来实现各种各样错综复杂的密码算法
For people who are familiar with C++, the library will appear intuitive and easy to use. Others may need to view it as a learning opportunity. If you are a C++ beginner and you are under a very tight schedule, or if you are "afraid" of the more advanced features of C++, this library may not be for you. Having said that, you are invited to see for yourself how easy or hard it is to use by looking at some of the other answers in this category.
对熟悉c++的用户来说很容易用,
下载:
Where is the tutorial?
Where is the reference manual?
Is there anyone I could pay to help me with this?
How am I going to use Crypto++ if I don't have a clue about cryptography?
Recommended Algorithms
There is nothing the more experienced people that use this library like more than a challenging security question to mull over. However, you may find you don't get much help if you ask a basic question with an answer that is well-documented elsewhere.
The library assumes you know in cryptographic terms what you want to achieve. Until you reach that point, perhaps you should do some background research? You should also know that building secure systems is difficult at the best of times. If you can afford it, you can get some professional help: Is there anyone I could pay to help me with this?
The good news is that there is a decent body of literature to help you. A list of recommended cryptography books is available at http://books.cryptopp.com. A lot of good crypto information is also available on the web. See http://links.cryptopp.com for a list of recommended sites.
Crypto++ contains a large number of algorithms, and it may not always be obvious which ones to use. The algorithms given below are recommended because they are widely used and generally considered to be secure and patent-free.
block cipher: DES-EDE3, Blowfish, Rijndael
stream cipher: MARC4 (ARC4 with first 256 bytes of keystream discarded), any of the above block ciphers in CTR mode
hash function: SHA1
message authentication code: HMAC/SHA1
public key encryption: RSA/OAEP/SHA1
signature: RSA/PKCS1v15/SHA1, DSA, Generalized-DSA/SHA1
key agreement: DH
random number generator: RandomPool, AutoSeededRandomPool
10、
Crypto++ Library is a free C++ class library of cryptographic schemes. Currently the library consists of the following, some of which are other people's code, repackaged into classes.
- a class hierarchy with an API defined by abstract base classes
- AES (Rijndael) and AES candidates: RC6, MARS, Twofish, Serpent, CAST-256
- other symmetric block ciphers: IDEA, DES, Triple-DES (DES-EDE2 and DES-EDE3), DESX (DES-XEX3), RC2, RC5, Blowfish, Diamond2, TEA, SAFER, 3-WAY, GOST, SHARK, CAST-128, Square, Skipjack
- generic cipher modes: ECB, CBC, CBC ciphertext stealing (CTS), CFB, OFB, counter mode (CTR)
- stream ciphers: Panama, ARC4, SEAL, WAKE, WAKE-OFB, BlumBlumShub
- public key cryptography: RSA, DSA, ElGamal, Nyberg-Rueppel (NR), Rabin, Rabin-Williams (RW), LUC, LUCELG, DLIES (variants of DHAES), ESIGN
- padding schemes for public-key systems: PKCS#1 v2.0, OAEP, PSSR, IEEE P1363 EMSA2
- key agreement schemes: Diffie-Hellman (DH), Unified Diffie-Hellman (DH2), Menezes-Qu-Vanstone (MQV), LUCDIF, XTR-DH
- elliptic curve cryptography: ECDSA, ECNR, ECIES, ECDH, ECMQV
- one-way hash functions: SHA-1, MD2, MD4, MD5, HAVAL, RIPEMD-160, Tiger, SHA-2 (SHA-256, SHA-384, and SHA-512), Panama
- message authentication codes: MD5-MAC, HMAC, XOR-MAC, CBC-MAC, DMAC
- cipher constructions based on hash functions: Luby-Rackoff, MDC
- pseudo random number generators (PRNG): ANSI X9.17 appendix C, PGP's RandPool
- password based key derivation functions: PBKDF1 and PBKDF2 from PKCS #5
- Shamir's secret sharing scheme and Rabin's information dispersal algorithm (IDA)
- DEFLATE (RFC 1951) compression/decompression with gzip (RFC 1952) and zlib (RFC 1950) format support
- fast multi-precision integer (bignum) and polynomial operations
- finite field arithmetics, including GF(p) and GF(2^n)
- prime number generation and verification
- various miscellaneous modules such as base 64 coding and 32-bit CRC
- class wrappers for these operating system features (optional):
- high resolution timers on Windows, Unix, and MacOS
- Berkeley and Windows style sockets
- Windows named pipes
- /dev/random and /dev/urandom on Linux and FreeBSD
- Microsoft's CryptGenRandom on Windows
- A high level interface for most of the above, using a filter/pipeline metaphor
- benchmarks and validation testing
One purpose of Crypto++ is to act as a repository of public domain (not copyrighted) source code. Although the library is copyrighted as a compilation, the individual files in it (except for a few exceptions listed in the license) are in the public domain.
- 2003年4月22日增加了开发环境CodeWarrior Pro8.2 固定的工程文件
- 增加 VS.NET 2003 的补丁
- 发布Crypto++™ Library 5.1 版本
- 4/22/2003 - Added fixed project file for CodeWarrior Pro 8.2
- 4/19/2003 - Added patch for VS .NET 2003
- 3/22/2003 - Version 5.1 release.
- added PSS padding and changed PSSR to track IEEE P1363a draft standard
- added blinding for RSA and Rabin to defend against timing attacks on decryption operations
- changed signing and decryption APIs to support the above
- changed WaitObjectContainer to allow waiting for more than 64 objects at a time on Win32 platforms
- fixed a bug in CBC and ECB modes with processing non-aligned data
- fixed standard conformance bugs in DLIES (DHAES mode) and RW/EMSA2 signature scheme (these fixes are not backwards compatible)
- fixed a number of compiler warnings, minor bugs, and portability problems
- removed Sapphire
- 3/10/2003 - Updated patch for MacOS X (Darwin)
- 10/4/2002 - Version 5.0 has been imported into CVS, with modulename "c5"
- 10/1/2002 - Added updated CodeWarrior 8 project file from Aparajita Fishman.
- 9/30/2002 - Version 5.0 released.
- added ESIGN, DLIES, WAKE-OFB, PBKDF1 and PBKDF2 from PKCS #5
- added key validation for encryption and signature public/private keys
- renamed StreamCipher interface to SymmetricCipher, which is now implemented by both stream ciphers and block cipher modes including ECB and CBC
- added keying interfaces to support resetting of keys and IVs without having to destroy and recreate objects
- changed filter interface to support non-blocking input/output
- changed SocketSource and SocketSink to use overlapped I/O on Microsoft Windows
- grouped related classes inside structs to help templates, for example AESEncryption and AESDecryption are now AES::Encryption and AES::Decryption
- where possible, typedefs have been added to improve backwards compatibility when the CRYPTOPP_MAINTAIN_BACKWARDS_COMPATIBILITY macro is defined
- changed HAVAL and IDEA to use public domain code
- implemented SSE2 optimizations for Integer operations
- is being evaluated for FIPS 140-2 compliance
- fixed a bug in HMAC::TruncatedFinal()
- fixed SKIPJACK byte ordering following NIST clarification dated 5/9/02
- 8/26/2002 - Added porting note for Sun WorkShop 6 with Forte C++
(四)密码类库Crypto++™ Library 5.1的编译平台
These porting notes will help you compile Crypto++ on various platforms. If you need to compile Crypto++ 4.1 or earlier, please click here.
| 开发环境 | 操作系统 | 编译Crypto++ 4.2 | 编译Crypto++ 5.0 | 编译Crypto++ 5.1 | |
| MSVC 6.0 SP5 | WIN32 | no changes needed | no changes needed | ||
| MSVC .NET 2002 | WIN32 | no changes needed | |||
| MSVC .NET 2003 | WIN32 | not tested | patch available | ||
| Borland C++Builder 6 | WIN32 | not tested | |||
| GCC 2.95.2 | UNIX/WIN32/BeOS/ | no changes needed | |||
| GCC 3.2 | UNIX/WIN32/BeOS | patch available | no changes needed | ||
| Apple GCC 932.1 (2.95.2) | MacOS X (Darwin) | patch available | patch available | no changes needed | |
| Apple GCC 1161 (3.1) | not tested | ||||
| CodeWarrior Pro 6.1 | MacOS/WIN32 | no changes needed | not tested |
| |
| CodeWarrior Pro 8.2 | not tested | updated project file by Aparajita Fishman | fixed project file available |
| |
| Sun WorkShop 6, Forte C++ | Solaris | not tested |
| ||
Remember to use the "-a" (auto-convert text files) option when unzipping on a Unix machine. The zip files should have the following hashes:
crypto42.zip:
MD5: C1700E6E15F3189801E7EA47EEE83078
SHA-1: 505EC40485519971A07DF6708B7DED3E5D3D08C4
RIPEMD-160: 5D4CC8E5987B2416CF7D71AA6276AFAC61702E55
SHA-256: CDF8A1EBB142759E928A323F47F228F4F93CEB2FE97C19DC59D6868989E0D76E
crypto50.zip:
MD5: fe8d4ef49b69874763f6dab30cbb6292
SHA-1: d0d83e60b6c03408370ca6c13aa5cac5e2220bf1
RIPEMD-160: 150db13d4df29020829f0fe817f54ee5a0595e50
SHA-256: c67c64693f32195e69d3d7e5bdf47afbd91e8b69d0407a2bc68a745d9dbebb26
crypto51.zip:
MD5: f4bfd4ac39dc1b7f0764d61a1ec4df16
SHA-1: 95905714c85f6fb563e66edb5478818df787fe2d
RIPEMD-160: 8b7420c421be39e9976f1ce2a80840d7ed6b38ef
SHA-256: d183a98c28feb1e0f7d21d177469831e5052aa8ca446475e95a5ebe7a7feb3cd
I get an "error opening file" message when I run cryptest.exe.
Why can't I read Crypto++ objects from files via FileStore with STLport streams?
I'm getting the error message "Cryptographic algorithms are disabled after power-up a self test failed" or something about "edc.dat".
Microsoft tools
I compiled cryptest.exe successfully, but am getting linker errors with my own application.
I'm getting internal compiler errors on Windows 98.
Others
Can I use Crypto++ with <insert compiler name here>?
I am getting compiler errors with GCC or EGCS.
GCC is using an enormous amount of memory to compile Crypto++.
I'm getting an "as" (assembler) error on Solaris.
Is it possible to supply a prime modulus as it is with ElGamal key generation to other PK algorithms like RSA and DH in order to decrease their key generation times? If so can you supply example code to do just this?
How to output a Integer as string(Decimal/Hex)?
(五)密码类库Crypto++™ Library 5.1的使用
The library is an powerful and elegant tool for performing complex cryptography. It uses advanced C++ features such as templates, multiple inheritance, and exceptions to achieve that power and elegance.
For people who are familiar with C++, the library will appear intuitive and easy to use. Others may need to view it as a learning opportunity. If you are a C++ beginner and you are under a very tight schedule, or if you are "afraid" of the more advanced features of C++, this library may not be for you. Having said that, you are invited to see for yourself how easy or hard it is to use by looking at some of the other answers in this category.
对熟悉c++的用户来说
How much C++ experience do I need to use this library?
How do I use the Filter class?
How do I use hex encoding and decoding?
How do I use a block cipher in Crypto++ 4.2?
How do I use a block cipher in Crypto++ 5.0?
How do I use a stream cipher?
How do I use a hash function?
How do I use a message authentication code?
How do I use a random number generator?
How do I use a public key cryptosystem or signature scheme?
How can I use an RSA key from Crypto++ in openssl?
The sample code shows how to work with a file, but my data is in a string (or vice versa).
Why is ElGamal key generation so slow?
I'm trying to process multiple messages with a Filter, and MaxRetrievable() always returns 0 after the first one.
(六)密码类库Crypto++™ Library 5.1的类库分析
见:\CryptoManual\00_index.htm\Class Hierarchy、 Compound List
模板类、抽象类、类
(七)密码类库Crypto++™ Library 5.1的应用实例(1)
现在我们就来研究一下对这个库的用法我们在win32的操作系统下用vc6++来编译Crypto++™ Library 5.1 的源代码,在对应的目录下会产生文件夹Debug,在文件夹Debug里,会有一个编译好的静态库文件 cryptlib.lib 我们就来研究什么用这个静态库文件。
Hash函数的应用
Links to cryptographic resources - http://www.mobiuslinks.com/links.asp?sid=1
Administration
How can I contribute to this FAQ?
While You Are Downloading
- Take a look at the related links page. It includes links to crypto libraries for other languages, products that use Crypto++, etc.
- Consider the list of recommended books for Crypto++ users.
- Examine the Crypto++ license agreement.
- Read denis bider's Crypto++ User Guide
- Browse the Crypto++ Reference Manual (mirrored here).
- View these Crypto++ class hierarchy charts to see how Crypto++ is organized. Note that these charts only include a small number of actual algorithms as examples.
Mailing Lists
There are two mailing lists for Crypto++.
- cryptopp-announce@lists.sourceforge.net - Crypto++ announcements
- cryptopp-list@eskimo.com - user questions and general discussion related to Crypto++, archived at http://www.escribe.com/software/crypto. Send an email to mailto:cryptopp-list-request@eskimo.com?subject=subscribe with the subject "subscribe" to subscribe, and use "unsubscribe" subject to unsubscribe. When posting a question to the mailing list, please give the following information, if available:
- exact error message
- stack trace
- a minimal program with a main() function, that reproduces the problem
- versions of Crypto++, operating system (output of "uname -a" command if using Unix), and compiler (output of "gcc -v" if using GCC)
To Contribute
The Crypto++ source code and FAQ are hosted on .
- The SourceForge CVS Repository allows you to view the latest (unreleased) Crypto++ source code and to contribute bug fixes or new features. The CVS repository contains two modules:
- src - version 4.x and earlier.
- c5 - version 5.x.
- The Crypto++ Faq-O-Matic allows you to view frequently asked questions and to contribute new questions or answers.
Paid Support and Consulting
If you are interested in paid support for Crypto++ or consulting on a Crypto++ related project, please take a look at this list of companies and individuals providing such services. This listing is a free service for the Crypto++ community, and anyone may sign up to be listed by following the above link.