Crypto++ 8.9
Free C++ class library of cryptographic schemes
Static Public Member Functions | List of all members
DLIES< HASH, COFACTOR_OPTION, DHAES_MODE, LABEL_OCTETS > Struct Template Reference

Discrete Log Integrated Encryption Scheme. More...

#include <gfpcrypt.h>

+ Inheritance diagram for DLIES< HASH, COFACTOR_OPTION, DHAES_MODE, LABEL_OCTETS >:

Static Public Member Functions

static std::string StaticAlgorithmName ()
 

Additional Inherited Members

- Public Types inherited from DL_ES< KEYS, AA, DA, EA, ALG_INFO >
typedef PK_FinalTemplate< DL_DecryptorImpl< SchemeOptions > > Decryptor
 implements PK_Decryptor interface
 
typedef PK_FinalTemplate< DL_EncryptorImpl< SchemeOptions > > Encryptor
 implements PK_Encryptor interface
 

Detailed Description

template<class HASH = SHA1, class COFACTOR_OPTION = NoCofactorMultiplication, bool DHAES_MODE = true, bool LABEL_OCTETS = false>
struct DLIES< HASH, COFACTOR_OPTION, DHAES_MODE, LABEL_OCTETS >

Discrete Log Integrated Encryption Scheme.

Template Parameters
COFACTOR_OPTIONcofactor multiplication option
HASHHashTransformation derived class used for key drivation and MAC computation
DHAES_MODEflag indicating if the MAC includes addition context parameters such as the label
LABEL_OCTETSflag indicating if the label size is specified in octets or bits

DLIES is an Integer based Integrated Encryption Scheme (IES). The scheme combines a Key Encapsulation Method (KEM) with a Data Encapsulation Method (DEM) and a MAC tag. The scheme is IND-CCA2, which is a strong notion of security. You should prefer an Integrated Encryption Scheme over homegrown schemes.

The library's original implementation is based on an early P1363 draft, which itself appears to be based on an early Certicom SEC-1 draft (or an early SEC-1 draft was based on a P1363 draft). Crypto++ 4.2 used the early draft in its Integrated Ecryption Schemes with NoCofactorMultiplication, DHAES_MODE=false and LABEL_OCTETS=true.

If you desire an Integrated Encryption Scheme with Crypto++ 4.2 compatibility, then use the DLIES template class with NoCofactorMultiplication, DHAES_MODE=false and LABEL_OCTETS=true.

If you desire an Integrated Encryption Scheme with Bouncy Castle 1.54 and Botan 1.11 compatibility, then use the DLIES template class with NoCofactorMultiplication, DHAES_MODE=true and LABEL_OCTETS=false.

The default template parameters ensure compatibility with Bouncy Castle 1.54 and Botan 1.11. The combination of IncompatibleCofactorMultiplication and DHAES_MODE=true is recommended for best efficiency and security. SHA1 is used for compatibility reasons, but it can be changed if desired. SHA-256 or another hash will likely improve the security provided by the MAC. The hash is also used in the key derivation function as a PRF.

Below is an example of constructing a Crypto++ 4.2 compatible DLIES encryptor and decryptor.

   AutoSeededRandomPool prng;
   DL_PrivateKey_GFP<DL_GroupParameters_GFP> key;
   key.Initialize(prng, 2048);

   DLIES<SHA1,NoCofactorMultiplication,true,true>::Decryptor decryptor(key);
   DLIES<SHA1,NoCofactorMultiplication,true,true>::Encryptor encryptor(decryptor);
See also
ECIES, Discrete Log Integrated Encryption Scheme (DLIES), Martínez, Encinas, and Ávila's A Survey of the Elliptic Curve Integrated Encryption Schemes
Since
Crypto++ 4.0, Crypto++ 5.7 for Bouncy Castle and Botan compatibility

Definition at line 1019 of file gfpcrypt.h.

Member Function Documentation

◆ StaticAlgorithmName()

template<class HASH = SHA1, class COFACTOR_OPTION = NoCofactorMultiplication, bool DHAES_MODE = true, bool LABEL_OCTETS = false>
static std::string DLIES< HASH, COFACTOR_OPTION, DHAES_MODE, LABEL_OCTETS >::StaticAlgorithmName ( )
inlinestatic

Definition at line 1027 of file gfpcrypt.h.


The documentation for this struct was generated from the following file: