14 posts
Posted 15 November 2012 - 05:25 PM
About
ComputerCraft Crypto (alternate name: oh god why did I decide to implement AES in Lua) is intended to be a general purpose cryptography API and absolute overkill for Minecraft. At the moment, I have only implemented the core components of AES, it requires a bit more work to be in a generally useable state. Provided I don't get busy or lose interest, I plan to implement ECB, CBC, CFB, and OFB, and look into an authenticated encryption mode like GCM. I also hope to implement some cryptographic hash functions and RSA.
And just to head off any potential objections, I'm not writing this because I expect it to be widely useful, I'm writing it because it's fun and interesting. It's complicated enough that I figure it would be a waste not to share it.
A Word About Security
I will, of course, do my best to ensure that my implementation is correct and secure. However, if you have a security-critical application: first of all, don't do it in minecraft, second: I cannot guarantee the security of this package. Even if it is secure, it is secure only within the context of ComputerCraft. The data you send to the server and vice versa is still sent unencrypted and can be intercepted by someone on your local network or anywhere between you and the server. (Though this should not be the case; encryption should be standard on all electronic communications.) Even properly implemented AES is not appropriate for all uses, and not all cipher modes are equal.
That said, this is almost certainly overkill for any use anyone here will have for it, and AES is currently practically unbreakable (a brute force attack can be expected to take longer than the age of the universe on the fastest supercomputer that exists today.)
cccAES
AES is an ugly, complicated, inelegant, and goddamn effective symmetric block cipher. The same key is used to encrypt and decrypt, and AES encrypts 16 bytes of data in chunks, rather than a byte at a time. AES supports 128, 192, and 256 bit keys.
Please note that while I have tested every function currently included, I cannot properly run the standard test vectors until I have implemented the various cipher modes.
Download:
http://pastebin.com/e65Bm5G5
cccAES Functions:
Sample Usage:
As cccAES currently stands, it's not terribly useful unless you're familiar with block cipher modes. Stand by for revision 2 if you're not.
Change Log:
rev1: all round operations (subBytes, shiftRows, mixColumns, strXor) and requisite functions, block cipher encryption, and the key schedule
(hopefully) upcoming features: ECB, CBC, CFB, OFB
ComputerCraft Crypto (alternate name: oh god why did I decide to implement AES in Lua) is intended to be a general purpose cryptography API and absolute overkill for Minecraft. At the moment, I have only implemented the core components of AES, it requires a bit more work to be in a generally useable state. Provided I don't get busy or lose interest, I plan to implement ECB, CBC, CFB, and OFB, and look into an authenticated encryption mode like GCM. I also hope to implement some cryptographic hash functions and RSA.
And just to head off any potential objections, I'm not writing this because I expect it to be widely useful, I'm writing it because it's fun and interesting. It's complicated enough that I figure it would be a waste not to share it.
A Word About Security
I will, of course, do my best to ensure that my implementation is correct and secure. However, if you have a security-critical application: first of all, don't do it in minecraft, second: I cannot guarantee the security of this package. Even if it is secure, it is secure only within the context of ComputerCraft. The data you send to the server and vice versa is still sent unencrypted and can be intercepted by someone on your local network or anywhere between you and the server. (Though this should not be the case; encryption should be standard on all electronic communications.) Even properly implemented AES is not appropriate for all uses, and not all cipher modes are equal.
That said, this is almost certainly overkill for any use anyone here will have for it, and AES is currently practically unbreakable (a brute force attack can be expected to take longer than the age of the universe on the fastest supercomputer that exists today.)
cccAES
Neal R. Wagner said:Law AES-1: Conventional block ciphers are always ugly, complicated, inelegant brutes, and the AES is no exception.
AES is an ugly, complicated, inelegant, and goddamn effective symmetric block cipher. The same key is used to encrypt and decrypt, and AES encrypts 16 bytes of data in chunks, rather than a byte at a time. AES supports 128, 192, and 256 bit keys.
Please note that while I have tested every function currently included, I cannot properly run the standard test vectors until I have implemented the various cipher modes.
Download:
http://pastebin.com/e65Bm5G5
pastebin get e65Bm5G5 cccAEScccAES Functions:
-- expands a 16, 24, or 32 byte key to the full size required (176, 208, and 240 bytes)
function expandKey(key)
-- runs one full round of AES on the state given the roundKey and returns it
function AESRound(state, roundKey)
-- same as AESRpund but decryption
function AESRoundInv(state, roundKey)
-- retrives a round key from an expanded key given the round number
function getRoundKey(eKey, round)
-- the full 10, 12, or 14 rounds of encryption
function AESMain(state, eKey)
-- same as AESMain but decryption
function AESMainInv(state, eKey)
Sample Usage:
As cccAES currently stands, it's not terribly useful unless you're familiar with block cipher modes. Stand by for revision 2 if you're not.
Change Log:
rev1: all round operations (subBytes, shiftRows, mixColumns, strXor) and requisite functions, block cipher encryption, and the key schedule
(hopefully) upcoming features: ECB, CBC, CFB, OFB
