Mailing List Archive

Comment should be added to official documentation
Sorry for my newbness, but I don't know how to contact the authors of
the libgcrypt manual.


The following comment should be added in encrypt / decrypt:


"When using ARCFOUR you should use two different handles (one for
encryption and the other for decryption, with the same key)."


Special thanks to Adam Langley, who gave me that solution (I wasted 36
coding hours on that).


--
---==== Jabka Atu ===---
bsh83.blogspot.com
---=== Encryption is a way of life ===---


_______________________________________________
Gcrypt-devel mailing list
Gcrypt-devel@gnupg.org
http://lists.gnupg.org/mailman/listinfo/gcrypt-devel
Re: Comment should be added to official documentation
On Wed, Jul 30, 2008 at 1:25 PM, Jabka Atu <mashrom.head@gmail.com> wrote:
> The following comment should be added in encrypt / decrypt:
>
>
> "When using ARCFOUR you should use two different handles (one for
> encryption and the other for decryption, with the same key)."
>
>
> Special thanks to Adam Langley, who gave me that solution (I wasted 36
> coding hours on that).

Well... that's true of any handle which keeps state, right? What about
CTR mode block ciphers, or CBC, or ... Or the K(block) style stream
ciphers like Salsa20... or probably anything that isn't ECB. It's been
a while since I used the gcrypt API, but I believe that's true.



AGL

--
Adam Langley agl@imperialviolet.org http://www.imperialviolet.org

Re: Comment should be added to official documentation
On Wed, 30 Jul 2008 22:52, agl@imperialviolet.org said:

> Well... that's true of any handle which keeps state, right? What about
> CTR mode block ciphers, or CBC, or ... Or the K(block) style stream
> ciphers like Salsa20.. or probably anything that isn't ECB. It's been
> a while since I used the gcrypt API, but I believe that's true.

You are right. A context/handle is there to convey state; if we did
not need state there would be no need for a context.

The problem at hand is an improper use of the API. If you want to start
an operation you allocate a context, set the key and the IV and start. Do
the same if you are going to decrypt. Actually you don't need to
allocate a new context but can call gcry_cipher_reset to put it back into a
vanilla state.

I also advise against the use of arcfour because there are so many
things you can get wrong in using this particular stream cipher. It is
pretty easy to use arcfour in an unsafe way and have the community have fun
decrypting it. Use AES and never use ECB mode with any cipher.


Shalom-Salam,

Werner


--
Thoughts are free. Exceptions are regulated by a federal law.


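The failure Jabka hit and the two ways out of it (a second handle keyed the same way, or Werner's gcry_cipher_reset on the one handle) can be reproduced without libgcrypt, since the point is purely about keystream state. The following is an added example written for this archive page, not code from the thread or from libgcrypt: it carries a textbook RC4 (ARCFOUR) implementation so it compiles stand-alone, and the key and message are constructed sample values. Where a comment mentions a libgcrypt call, that is the call Werner names in the thread; the rc4_* functions are this example's own, not the library's API.

```c
#include <stdint.h>
#include <string.h>
#include <stdio.h>

/* Minimal RC4 (ARCFOUR) context: the permutation S plus the two
 * keystream indices. A libgcrypt cipher handle carries the same kind
 * of state, which is why one handle cannot serve both directions. */
typedef struct {
    uint8_t S[256];
    uint8_t i, j;
} rc4_ctx;

/* Key schedule (KSA): what "set the key" does to a fresh context. */
static void rc4_setkey(rc4_ctx *c, const uint8_t *key, size_t keylen)
{
    uint8_t j = 0;
    for (int k = 0; k < 256; k++)
        c->S[k] = (uint8_t)k;
    for (int k = 0; k < 256; k++) {
        uint8_t t;
        j = (uint8_t)(j + c->S[k] + key[k % keylen]);
        t = c->S[k]; c->S[k] = c->S[j]; c->S[j] = t;
    }
    c->i = c->j = 0;
}

/* XOR buf with the next n keystream bytes (PRGA). Encryption and
 * decryption are the same operation; the only thing that distinguishes
 * them is where in the keystream the context is, and every call moves
 * that position forward. */
static void rc4_crypt(rc4_ctx *c, uint8_t *buf, size_t n)
{
    for (size_t k = 0; k < n; k++) {
        uint8_t t;
        c->i = (uint8_t)(c->i + 1);
        c->j = (uint8_t)(c->j + c->S[c->i]);
        t = c->S[c->i]; c->S[c->i] = c->S[c->j]; c->S[c->j] = t;
        buf[k] ^= c->S[(uint8_t)(c->S[c->i] + c->S[c->j])];
    }
}

/* Constructed sample key and plaintext for the demonstration. */
static const uint8_t KEY[] = "example-key";
#define KEYLEN (sizeof KEY - 1)
static const uint8_t MSG[] = "attack at dawn";
#define MSGLEN (sizeof MSG - 1)

/* The misuse from the thread: one context for both directions. The
 * second call consumes keystream bytes MSGLEN..2*MSGLEN-1, not the bytes
 * the ciphertext was made with, so the plaintext does not come back.
 * Returns 1 if the round trip recovered the plaintext, else 0. */
int roundtrip_same_handle(void)
{
    rc4_ctx c;
    uint8_t buf[MSGLEN];
    memcpy(buf, MSG, MSGLEN);
    rc4_setkey(&c, KEY, KEYLEN);
    rc4_crypt(&c, buf, MSGLEN);   /* encrypt */
    rc4_crypt(&c, buf, MSGLEN);   /* "decrypt" from an advanced state */
    return memcmp(buf, MSG, MSGLEN) == 0;
}

/* Werner's fix: put the context back into its vanilla state before
 * decrypting. Here that is a second run of the key schedule; with the
 * libgcrypt API it is gcry_cipher_reset() on the handle. */
int roundtrip_reset_handle(void)
{
    rc4_ctx c;
    uint8_t buf[MSGLEN];
    memcpy(buf, MSG, MSGLEN);
    rc4_setkey(&c, KEY, KEYLEN);
    rc4_crypt(&c, buf, MSGLEN);   /* encrypt */
    rc4_setkey(&c, KEY, KEYLEN);  /* reset: keystream position back to 0 */
    rc4_crypt(&c, buf, MSGLEN);   /* decrypt with the same keystream bytes */
    return memcmp(buf, MSG, MSGLEN) == 0;
}

/* Jabka's fix: a second context keyed identically for decryption. */
int roundtrip_two_handles(void)
{
    rc4_ctx enc, dec;
    uint8_t buf[MSGLEN];
    memcpy(buf, MSG, MSGLEN);
    rc4_setkey(&enc, KEY, KEYLEN);
    rc4_setkey(&dec, KEY, KEYLEN);
    rc4_crypt(&enc, buf, MSGLEN);
    rc4_crypt(&dec, buf, MSGLEN);
    return memcmp(buf, MSG, MSGLEN) == 0;
}

/* Keystream index i after one call over n bytes (n <= 256): it advances
 * by exactly n mod 256, which is the state the broken round trip ignores. */
int keystream_index_after(size_t n)
{
    rc4_ctx c;
    uint8_t buf[256] = {0};
    rc4_setkey(&c, KEY, KEYLEN);
    rc4_crypt(&c, buf, n > 256 ? 256 : n);
    return c.i;
}

int main(void)
{
    printf("same handle  : %s\n", roundtrip_same_handle()  ? "ok" : "garbage");
    printf("reset handle : %s\n", roundtrip_reset_handle() ? "ok" : "garbage");
    printf("two handles  : %s\n", roundtrip_two_handles()  ? "ok" : "garbage");
    return 0;
}
```

Adam's generalisation holds for the same reason: CBC and CTR handles also carry position-dependent state (the chaining block or the counter), so the same encrypt-then-decrypt-on-one-handle pattern fails there too; only ECB, which has no state beyond the key schedule, is indifferent. Resetting to reuse a keystream position is only correct for the decrypt side of the same message; encrypting a second message after a reset with the same key would reuse keystream, which is the kind of arcfour misuse Werner warns about.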