Comet Cryptographic Support
From CometWiki
Contents |
Comet Cryptographic Capabilities
Supported Encryption Algorithms
- RC4 - Rivest Cipher 4: Wiki
- 3DES - Triple Data Encryption Standard: Wiki
- AES - Advanced Encryption Standard: Wiki
Supported Hashing Algorithms
Internet Basic Support
Cryptography in Comet is accomplished through the use of the below listed IB (Internet Basic) statements.
Encryption Algorithm Implementation
The following text describes the specifications/requirements for each of the supported algorithms.
RC4 - Rivest Cipher 4: Wiki
- Key Length: Typically 40-256 bits (5-32 bytes)
- Block Size: NA
- Mode: NA
- IV Required: No
- This is the simplest and fastest of the supported algorithms and is the algorithm currently used by Comet-16 and is the default algorithm used by Comet-32. See Encrypt/Decrypt
3DES - Triple Data Encryption Standard: Wiki
- Key Length: 168 bits although 192 bits (24 bytes) must be supplied (parity bits are discarded).
- Block Size: 8 Bytes
- Mode: CBC - Introduces feedback by combining ciphertext and plaintext
- IV Required: Yes
AES - Advanced Encryption Standard: Wiki
- Key Length: 128, 192, 256 bits
- Block Size: 16 Bytes
- Mode: CBC - Introduces feedback by combining ciphertext and plaintext
- IV Required: Yes
IV - Initial Value
The AES and 3DES algorithms are implemented using CBC (Cypher Block Chaining) mode which incorporates feedback from previous cypher operations while encrypting the plaintext. Because at the onset of the encryption there is no feedback information available, it becomes necessary to supply some initial data that can be used to ensure adequate concealment of the initial block of data. While it is possible to use the same data for all IV's, doing so would make it possible for some information to be decoded if many block were encrypted with the same IV. To avoid this problem a IV or "Initial Value" must be supplied to the encryption code. The size of a IV should be the same size as the chosen algorithm's Block Size (8-3DES, 16-AES). This IV value should be unique and must be used for both encrypt and decrypt operations and as such it should be stored with the encrypted data. There is no need to conceal the IV as it cannot be used to learn anything about the key or plaintext.