Crypt::Eksblowfish.3pm

Langue: en

Autres versions - même langue

Version: 2010-05-26 (ubuntu - 24/10/10)

Section: 3 (Bibliothèques de fonctions)

Sommaire

NAME

Crypt::Eksblowfish - the Eksblowfish block cipher

SYNOPSIS

         use Crypt::Eksblowfish;
 
         $block_size = Crypt::Eksblowfish->blocksize;
 
         $cipher = Crypt::Eksblowfish->new(8, $salt, $key);
 
         $block_size = $cipher->blocksize;
         $ciphertext = $cipher->encrypt($plaintext);
         $plaintext = $cipher->decrypt($ciphertext);
 
         $p_array = $cipher->p_array;
         $s_boxes = $cipher->s_boxes;
         if($cipher->is_weak) { ...

DESCRIPTION

An object of this type encapsulates a keyed instance of the Eksblowfish block cipher, ready to encrypt and decrypt.

Eksblowfish is a variant of the Blowfish cipher, modified to make the key setup very expensive. (``Eks'' stands for ``expensive key schedule''.) This doesn't make it significantly cryptographically stronger, but is intended to hinder brute-force attacks. It also makes it unsuitable for any application requiring key agility. It was designed by Niels Provos and David Mazieres for password hashing in OpenBSD. See Crypt::Eksblowfish::Bcrypt for the hash algorithm. See Crypt::Eksblowfish::Blowfish for the unmodified Blowfish cipher.

Eksblowfish is a parameterised (family-keyed) cipher. It takes a cost parameter that controls how expensive the key scheduling is. It also takes a family key, known as the ``salt''. Cost and salt parameters together define a cipher family. Within each family, a key determines an encryption function in the usual way. See Crypt::Eksblowfish::Family for a way to encapsulate an Eksblowfish cipher family.

CLASS METHODS

Crypt::Eksblowfish->blocksize
Returns 8, indicating the Eksblowfish block size of 8 octets. This method may be called on either the class or an instance.

CONSTRUCTOR

Crypt::Eksblowfish->new(COST, SALT, KEY)
Performs key setup on a new instance of the Eksblowfish algorithm, returning the keyed state. The KEY may be any length from 1 octet to 72 octets inclusive. The SALT is a family key, and must be exactly 16 octets. COST is an integer parameter controlling the expense of keying: the number of operations in key setup is proportional to 2^COST. All three parameters influence all the subkeys; changing any of them produces a different encryption function.

Due to the mandatory family-keying parameters (COST and SALT), this constructor does not match the interface expected by "Crypt::CBC" and similar crypto plumbing modules. To use Eksblowfish with them it is necessary to have an object that encapsulates a cipher family and provides a constructor that takes only a key argument. That facility is supplied by "Crypt::Eksblowfish::Family".

METHODS

$cipher->blocksize
Returns 8, indicating the Eksblowfish block size of 8 octets. This method may be called on either the class or an instance.
$cipher->encrypt(PLAINTEXT)
PLAINTEXT must be exactly eight octets. The block is encrypted, and the ciphertext is returned.
$cipher->decrypt(CIPHERTEXT)
CIPHERTEXT must be exactly eight octets. The block is decrypted, and the plaintext is returned.
$cipher->p_array
$cipher->s_boxes
These methods extract the subkeys from the keyed cipher. This is not required in ordinary operation. See the superclass Crypt::Eksblowfish::Subkeyed for details.
$cipher->is_weak
This method checks whether the cipher has been keyed with a weak key. It may be desired to avoid using weak keys. See the superclass Crypt::Eksblowfish::Subkeyed for details.

SEE ALSO

Crypt::Eksblowfish::Bcrypt, Crypt::Eksblowfish::Blowfish, Crypt::Eksblowfish::Family, Crypt::Eksblowfish::Subkeyed, <http://www.usenix.org/events/usenix99/provos/provos_html/node4.html>

AUTHOR

Eksblowfish guts originally by Solar Designer (solar at openwall.com).

Modifications and Perl interface by Andrew Main (Zefram) <zefram@fysh.org>.

Copyright (C) 2006, 2007, 2008, 2009, 2010 Andrew Main (Zefram) <zefram@fysh.org>

The original Eksblowfish code (in the form of crypt()) from which this module is derived is in the public domain. It may be found at <http://www.openwall.com/crypt/>.

LICENSE

This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself.