Sosemanuk
Documentation: #include <cryptopp/sosemanuk.h>
Sosemanuk is a stream cipher developed by Côme Berbain, Olivier Billet, Anne Canteaut, Nicolas Courtois, Henri Gilbert, Louis Goubin, Aline Gouget, Louis Granboulan, Cédric Lauradoux, Marine Minier, Thomas Pornin and Hervé Sibert. The cipher uses an 8-bit to 256-bit key and a 128-bit initialization vector (IV). The cipher is part of the eSTREAM portfolio Phase 3 (final) for Profile 1 (software). Also see Sosemanuk, a fast software-oriented stream cipher.
Crypto++ provides all stream ciphers from eSTREAM Phase 3 for Profile 1. The ciphers are ChaCha, HC-128/256, Rabbit, Salsa20 and Sosemanuk. The IETF's version of ChaCha is specified in RFC 7539, ChaCha20 and Poly1305 for IETF Protocols, and is available as ChaChaTLS.
If you are used to working in languages like Java or libraries like OpenSSL, then you might want to visit the Init-Update-Final wiki page. Crypto++ provides the transformation model, but it's not obvious because it's often shrouded behind Pipelines.
Note: if your project is using encryption alone to secure your data, encryption alone is usually not enough. Please take a moment to read Authenticated Encryption and consider using an algorithm or mode like CCM, GCM, EAX or ChaCha20Poly1305.
Key and IV
The first sample program prints Sosemanuk's key and IV sizes.

```cpp
#include "cryptlib.h"
#include "sosemanuk.h"

#include <iostream>

int main()
{
    using namespace CryptoPP;

    Sosemanuk::Encryption enc;

    // All sizes are reported in bytes
    std::cout << "key length: " << enc.DefaultKeyLength() << std::endl;
    std::cout << "key length (min): " << enc.MinKeyLength() << std::endl;
    std::cout << "key length (max): " << enc.MaxKeyLength() << std::endl;
    std::cout << "iv size: " << enc.IVSize() << std::endl;

    return 0;
}
```
A typical output is shown below.
```
$ ./test.exe
key length: 16
key length (min): 1
key length (max): 32
iv size: 16
```
Encryption and Decryption
The following example shows you how to use Sosemanuk::Encryption and Sosemanuk::Decryption. &cipher[0] may look odd, but it's how to get the non-const pointer from a std::string.
```cpp
#include "cryptlib.h"
#include "secblock.h"
#include "sosemanuk.h"
#include "osrng.h"
#include "files.h"
#include "hex.h"

#include <iostream>
#include <string>

int main()
{
    using namespace CryptoPP;

    AutoSeededRandomPool prng;
    HexEncoder encoder(new FileSink(std::cout));
    std::string plain("Sosemanuk stream cipher test"), cipher, recover;

    SecByteBlock key(16), iv(16);
    prng.GenerateBlock(key, key.size());
    prng.GenerateBlock(iv, iv.size());

    std::cout << "Key: ";
    encoder.Put((const byte*)key.data(), key.size());
    encoder.MessageEnd();
    std::cout << std::endl;

    std::cout << "IV: ";
    encoder.Put((const byte*)iv.data(), iv.size());
    encoder.MessageEnd();
    std::cout << std::endl;

    // Encryption object
    Sosemanuk::Encryption enc;
    enc.SetKeyWithIV(key, key.size(), iv, iv.size());

    // Perform the encryption
    cipher.resize(plain.size());
    enc.ProcessData((byte*)&cipher[0], (const byte*)plain.data(), plain.size());

    std::cout << "Plain: " << plain << std::endl;

    std::cout << "Cipher: ";
    encoder.Put((const byte*)cipher.data(), cipher.size());
    encoder.MessageEnd();
    std::cout << std::endl;

    // Sosemanuk::Decryption dec;
    // dec.SetKeyWithIV(key, key.size(), iv, iv.size());

    std::cout << "Self inverting: " << enc.IsSelfInverting() << std::endl;
    std::cout << "Resynchronizable: " << enc.IsResynchronizable() << std::endl;

    enc.Resynchronize(iv, iv.size());

    // Perform the decryption
    // recover.resize(cipher.size());
    // dec.ProcessData((byte*)&recover[0], (const byte*)cipher.data(), cipher.size());

    // Perform the decryption with the encryptor
    recover.resize(cipher.size());
    enc.ProcessData((byte*)&recover[0], (const byte*)cipher.data(), cipher.size());

    std::cout << "Recovered: " << recover << std::endl;

    return 0;
}
```
A typical output is shown below.
```
$ ./test.exe
Key: 0DA416FE03E36529FB9BEA70872F0B5D
IV: D404755728FC17C659EC49D577A746E2
Plain: Sosemanuk stream cipher test
Cipher: 7302E8A560DB089F4E5988CD908A68842520408237D74DD1FE78BB04
Recovered: Sosemanuk stream cipher test
```
Resynchronizing
The Sosemanuk cipher is self-inverting so you can use the encryption object for decryption (and vice versa). The cipher holds internal state and is resynchronizable. If you want to reuse an encryption or decryption object then you should set the IV with Resynchronize.
```cpp
#include "cryptlib.h"
#include "secblock.h"
#include "sosemanuk.h"
#include "osrng.h"
#include "files.h"
#include "hex.h"

#include <iostream>
#include <string>

int main()
{
    using namespace CryptoPP;

    AutoSeededRandomPool prng;
    HexEncoder encoder(new FileSink(std::cout));
    std::string plain("Sosemanuk stream cipher test"), cipher, recover;

    SecByteBlock key(16), iv(16);
    prng.GenerateBlock(key, key.size());
    prng.GenerateBlock(iv, iv.size());

    std::cout << "Key: ";
    encoder.Put((const byte*)key.data(), key.size());
    encoder.MessageEnd();
    std::cout << std::endl;

    std::cout << "IV: ";
    encoder.Put((const byte*)iv.data(), iv.size());
    encoder.MessageEnd();
    std::cout << std::endl;

    // Encryption object
    Sosemanuk::Encryption enc;
    enc.SetKeyWithIV(key, key.size(), iv, iv.size());

    // Perform the encryption
    cipher.resize(plain.size());
    enc.ProcessData((byte*)&cipher[0], (const byte*)plain.data(), plain.size());

    std::cout << "Plain: " << plain << std::endl;

    std::cout << "Cipher: ";
    encoder.Put((const byte*)cipher.data(), cipher.size());
    encoder.MessageEnd();
    std::cout << std::endl;

    // Sosemanuk::Decryption dec;
    // dec.SetKeyWithIV(key, key.size(), iv, iv.size());

    std::cout << "Self inverting: " << enc.IsSelfInverting() << std::endl;
    std::cout << "Resynchronizable: " << enc.IsResynchronizable() << std::endl;

    // Restart the keystream with the same IV so the same object can decrypt
    enc.Resynchronize(iv, iv.size());

    // Perform the decryption
    // recover.resize(cipher.size());
    // dec.ProcessData((byte*)&recover[0], (const byte*)cipher.data(), cipher.size());

    // Perform the decryption with the encryptor
    recover.resize(cipher.size());
    enc.ProcessData((byte*)&recover[0], (const byte*)cipher.data(), cipher.size());

    std::cout << "Recovered: " << recover << std::endl;

    return 0;
}
```
A typical output is shown below.
```
$ ./test.exe
Key: 3D3C001AEB558CA8E6739F4FD2253F26
IV: C00FDCCDA842169FECB91FA0C50706F5
Plain: Sosemanuk stream cipher test
Cipher: 9B32C71A8F2A558A3A7A07566B97B1D103ED1463C36C909EBF457C78
Self inverting: 1
Resynchronizable: 1
Recovered: Sosemanuk stream cipher test
```
The following C++11 program demonstrates resynchronizing without the additional operations like printing a key or IV. The library was built with CXXFLAGS="-DNDEBUG -g2 -O3 -std=c++11".
```cpp
#include "cryptlib.h"
#include "sosemanuk.h"

#include <iostream>
#include <array>
#include <cstdint>

int main(int argc, char *argv[])
{
    using namespace CryptoPP;

    // Fixed test values. The key literal is 15 characters plus the terminating NUL.
    const uint8_t sosemanukKey[16] = "012345678901234";
    // The 16 IV bytes are listed one by one: a 16-character string literal
    // plus its NUL does not fit a 16-byte array in C++.
    const uint8_t sosemanukIV[16] = {'0','1','2','3','4','5','6','7',
                                     '8','9','1','0','1','2','3','4'};

    Sosemanuk::Encryption enc;
    Sosemanuk::Decryption dec;

    enc.SetKeyWithIV(sosemanukKey, 16, sosemanukIV, 16);
    dec.SetKeyWithIV(sosemanukKey, 16, sosemanukIV, 16);

    std::array<byte, 3> origin = { 1,2,3 };
    std::array<byte, 3> encrypt;
    enc.ProcessData(encrypt.data(), origin.data(), origin.size());

    std::array<byte, 3> decrypt;
    dec.ProcessData(decrypt.data(), encrypt.data(), encrypt.size());

    // Each Resynchronize restarts the keystream, so the same ciphertext
    // decrypts to the same plaintext again
    dec.Resynchronize(sosemanukIV, sizeof(sosemanukIV));
    dec.ProcessData(decrypt.data(), encrypt.data(), encrypt.size());

    dec.Resynchronize(sosemanukIV, sizeof(sosemanukIV));
    dec.ProcessData(decrypt.data(), encrypt.data(), encrypt.size());

    std::cout << (int)decrypt[0] << " " << (int)decrypt[1] << " ";
    std::cout << (int)decrypt[2] << std::endl;

    return 0;
}
```
It produces the following result.
```
$ g++ -DNDEBUG -g2 -O3 -std=c++11 test.cxx -o test.exe ./libcryptopp.a
$ ./test.exe
1 2 3
```
Pipelines
You can also use stream ciphers in a Pipeline. Below is an example of Sosemanuk participating in a pipeline. Internally, StreamTransformationFilter calls ProcessData on the incoming data stream. The filter also buffers output if there is no attached transformation or sink.
```cpp
#include "cryptlib.h"
#include "secblock.h"
#include "filters.h"
#include "sosemanuk.h"
#include "osrng.h"
#include "files.h"
#include "hex.h"

#include <iostream>
#include <string>

int main()
{
    using namespace CryptoPP;

    AutoSeededRandomPool prng;
    HexEncoder encoder(new FileSink(std::cout));
    std::string plain("Sosemanuk stream cipher test"), cipher, recover;

    SecByteBlock key(32), iv(16);
    prng.GenerateBlock(key, key.size());
    prng.GenerateBlock(iv, iv.size());

    std::cout << "Key: ";
    encoder.Put(key.data(), key.size());
    encoder.MessageEnd();
    std::cout << std::endl;

    std::cout << "IV: ";
    encoder.Put(iv.data(), iv.size());
    encoder.MessageEnd();
    std::cout << std::endl;

    // Encryption object
    Sosemanuk::Encryption enc;
    enc.SetKeyWithIV(key, key.size(), iv, iv.size());

    // Decryption object
    Sosemanuk::Decryption dec;
    dec.SetKeyWithIV(key, key.size(), iv, iv.size());

    StringSource ss1(plain, true, new StreamTransformationFilter(enc, new StringSink(cipher)));
    StringSource ss2(cipher, true, new StreamTransformationFilter(dec, new StringSink(recover)));

    std::cout << "Plain: " << plain << std::endl;

    std::cout << "Cipher: ";
    encoder.Put((const byte*)cipher.data(), cipher.size());
    encoder.MessageEnd();
    std::cout << std::endl;

    std::cout << "Recovered: " << recover << std::endl;

    return 0;
}
```
The program produces the expected output:
```
$ ./test.exe
Key: 8F9CC74970AA3C86E76DF916F8FF89583BF077F582E456E23D7B15BEA8EA0D9D
IV: DD35394788C068FF0AF4842AE385794C
Plain: Sosemanuk stream cipher test
Cipher: D512045C2777B72AEE9990767B02FF152684199CB26A06FAFF183773
Recovered: Sosemanuk stream cipher test
```