Difference between revisions of "List of cryptography functions"
From NetSec
(8 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
− | {| | + | {| class="wikitable" |
|+ Encryption Quick Reference | |+ Encryption Quick Reference | ||
| align="center" style="background:#f0f0f0;"|'''Name''' | | align="center" style="background:#f0f0f0;"|'''Name''' | ||
Line 16: | Line 16: | ||
| Preferred minimum key size (RSA)||4096 bits | | Preferred minimum key size (RSA)||4096 bits | ||
|- | |- | ||
− | |||
|} | |} | ||
− | {| | + | {| class="wikitable" |
|+ Encryption Modes | |+ Encryption Modes | ||
| align="center" style="background:#f0f0f0;"|'''Mode''' | | align="center" style="background:#f0f0f0;"|'''Mode''' | ||
| align="center" style="background:#f0f0f0;"|'''AKA''' | | align="center" style="background:#f0f0f0;"|'''AKA''' | ||
| align="center" style="background:#f0f0f0;"|'''Should use?''' | | align="center" style="background:#f0f0f0;"|'''Should use?''' | ||
− | | align="center" style="background:#f0f0f0;"|'''Authenticated?''' | + | | align="center" style="background:#f0f0f0;"|'''Authenticated? (unauthed modes require seperate auth)''' |
| align="center" style="background:#f0f0f0;"|'''Encryption parallelizable?''' | | align="center" style="background:#f0f0f0;"|'''Encryption parallelizable?''' | ||
| align="center" style="background:#f0f0f0;"|'''Decryption parallelizable?''' | | align="center" style="background:#f0f0f0;"|'''Decryption parallelizable?''' | ||
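Review bot: "seperate" in the new "Authenticated?" header is misspelled (it should be "separate"), and the parenthetical makes this header much longer than its neighbours. Consider keeping the header as "Authenticated?" and moving the guidance about unauthenticated modes into a sentence above the table or into the Notes column.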
Line 36: | Line 35: | ||
| Output Feedback||OFB||Yes||No||No||No||No|| | | Output Feedback||OFB||Yes||No||No||No||No|| | ||
|- | |- | ||
− | | Cipher Block Chaining||CBC|| | + | | Cipher Block Chaining||CBC||No||No||No||Yes||Yes||Vulnerable to CBC-R and padding oracle attacks, steps such as encrypt-then-MAC must be taken to mitigate. |
|- | |- | ||
| Counter||CTR||Yes||No||Yes||Yes||Yes|| | | Counter||CTR||Yes||No||Yes||Yes||Yes|| | ||
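Review bot: the new CBC row sets "Should use?" to "No" while its own note says the weakness is mitigated by encrypt-then-MAC, and the unauthenticated OFB and CTR rows around it stay at "Yes". Either apply one criterion to every mode that has "No" under Authenticated?, or reword the CBC cell (for example "Only with encrypt-then-MAC") so the rating and the note agree. "CBC-R" is also introduced without a link or a definition.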
Line 42: | Line 41: | ||
| Galois Counter Mode||GCM||Recommended||Yes||Yes||Yes||No||Counter mode plus authentication, very efficient. | | Galois Counter Mode||GCM||Recommended||Yes||Yes||Yes||No||Counter mode plus authentication, very efficient. | ||
|- | |- | ||
− | | | + | | EAX Mode||EAX||Yes|| || || || || |
+ | |- | ||
|} | |} | ||
− | {| | + | {| class="wikitable" |
|+ Symmetric Ciphers | |+ Symmetric Ciphers | ||
| align="center" style="background:#f0f0f0;"|'''Cipher''' | | align="center" style="background:#f0f0f0;"|'''Cipher''' | ||
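Review bot: the added EAX row fills only "Should use?" and leaves Authenticated?, both parallelizable columns, Random read? and Notes empty, so it gives a recommendation with none of the properties the table exists to compare. Fill those cells in the same revision, as the GCM row above it does, or mark them as unknown explicitly.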
Line 55: | Line 55: | ||
| align="center" style="background:#f0f0f0;"|'''Notes''' | | align="center" style="background:#f0f0f0;"|'''Notes''' | ||
|- | |- | ||
− | | AES||128||128,192,256||||Yes|| | + | | AES||128||128,192,256|| ||Yes|| || |
|- | |- | ||
− | | DES||64||56 | + | | DES||64||56|| ||No||[https://en.wikipedia.org/wiki/Data_Encryption_Standard#Brute_force_attack In 2008 their COPACOBANA RIVYERA reduced the time to break DES to less than one day, using 128 Spartan-3 5000's.]|| |
|- | |- | ||
− | | 3DES||64||168,112,56 | + | | 3DES||64||168,112,56|| ||No|| || |
|- | |- | ||
− | | Blowfish||64||32-448 | + | | Blowfish||64||32-448|| ||Not ideal|| ||This is the primary mode of encryption used in IRC encryption plugins. |
|- | |- | ||
− | | ChaCha20||||256||Yes||Yes|||| | + | | ChaCha20|| ||256||Yes||Yes|| || |
|- | |- | ||
− | | Salsa20||||256||Yes||Yes|||| | + | | Salsa20|| ||256||Yes||Yes|| || |
|- | |- | ||
− | | RC4||||40-2048 | + | | RC4|| ||40-2048||Yes||No|| || |
|- | |- | ||
− | |||
|} | |} | ||
− | {| | + | {| class="wikitable" |
|+ Asymmetric Encryption | |+ Asymmetric Encryption | ||
| align="center" style="background:#f0f0f0;"|'''Cipher''' | | align="center" style="background:#f0f0f0;"|'''Cipher''' | ||
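Review bot: in the DES row the linked sentence begins "In 2008 their COPACOBANA RIVYERA", where "their" has no antecedent anywhere in the table; name who built the machine or drop the pronoun. In the Blowfish row, "primary mode of encryption" describes a cipher as a mode, which clashes with the separate Encryption Modes table; "primary cipher" would be consistent. The DES sentence is also the only entry in its column, so consider whether it belongs in Notes instead.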
Line 90: | Line 89: | ||
| ElGamal||No||Yes||Yes||No||Yes||2048||4096|| | | ElGamal||No||Yes||Yes||No||Yes||2048||4096|| | ||
|- | |- | ||
− | | ECDSA||Yes||Yes||Yes|| | + | | ECDSA||Yes||Yes||Yes||No||Yes||256||384|| |
|- | |- | ||
| ECDH||Yes||No||No||Yes||Yes||256||384|| | | ECDH||Yes||No||No||Yes||Yes||256||384|| | ||
|- | |- | ||
− | | Ed25519||Yes||Yes||No|| | + | | Ed25519||Yes||Yes||No||No||Recommended||512||512|| |
|- | |- | ||
| Curve25519||Yes||No||No||Yes||Recommended||256||256|| | | Curve25519||Yes||No||No||Yes||Recommended||256||256|| | ||
|- | |- | ||
− | |||
|} | |} | ||
− | {| | + | {| class="wikitable" |
|+ Hash functions | |+ Hash functions | ||
| align="center" style="background:#f0f0f0;"|'''Hash''' | | align="center" style="background:#f0f0f0;"|'''Hash''' | ||
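Review bot: the ECDSA row now reads Yes for both signing and encryption; ECDSA is a signature scheme, so the encryption cell should be checked against the column order before this goes in. The Ed25519 row gives 512 for both key-size columns while Curve25519 on the next row gives 256; if 512 is meant as the signature length rather than the key length, the cell should say so or use the key size.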
Line 117: | Line 115: | ||
| SHA-3 (Keccak)||224-512||No||Yes||Not widely implemented yet. | | SHA-3 (Keccak)||224-512||No||Yes||Not widely implemented yet. | ||
|- | |- | ||
− | |||
|} | |} | ||
− | {| | + | {| class="wikitable" |
|+ Key Derivation Functions (KDF) | |+ Key Derivation Functions (KDF) | ||
| align="center" style="background:#f0f0f0;"|'''Algorithm''' | | align="center" style="background:#f0f0f0;"|'''Algorithm''' | ||
Line 127: | Line 124: | ||
| align="center" style="background:#f0f0f0;"|'''Slow?''' | | align="center" style="background:#f0f0f0;"|'''Slow?''' | ||
| align="center" style="background:#f0f0f0;"|'''Notes''' | | align="center" style="background:#f0f0f0;"|'''Notes''' | ||
− | | - | + | |- |
− | | | + | | Bcrypt||Yes||No||Yes|| |
− | | - | + | |- |
− | | | + | | Scrypt||Yes||No||Yes|| |
− | | - | + | |- |
| PBKDF2||Yes||No||Yes|| | | PBKDF2||Yes||No||Yes|| | ||
− | | - | + | |- |
| HKDF||No||Yes||No|| | | HKDF||No||Yes||No|| | ||
− | | - | + | |- |
− | + | ||
|} | |} | ||
− | {| | + | {| class="wikitable" |
|+ Message Authentication Codes (MAC) | |+ Message Authentication Codes (MAC) | ||
| align="center" style="background:#f0f0f0;"|'''Algorithm''' | | align="center" style="background:#f0f0f0;"|'''Algorithm''' | ||
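Review bot: the added Bcrypt and Scrypt rows are cell-for-cell identical to the existing PBKDF2 row, and all three leave Notes empty, so the table gives a reader no basis for choosing between the password KDFs. Add a distinguishing note per algorithm, or a column that separates them, in the same edit that introduces the rows.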
Line 148: | Line 144: | ||
| Poly1305 ||No||Yes|| | | Poly1305 ||No||Yes|| | ||
|- | |- | ||
− | | HMAC ||Yes|| | + | | HMAC ||Yes||No|| |
|- | |- | ||
| CBC-MAC ||No||Yes|| | | CBC-MAC ||No||Yes|| | ||
Line 156: | Line 152: | ||
| CMAC ||No||Yes|| | | CMAC ||No||Yes|| | ||
|- | |- | ||
− | |||
|} | |} |
Latest revision as of 22:37, 26 October 2015

Encryption Quick Reference
Name | Value |
Recommended public key algorithms | Curve25519, Ed25519, ECDSA, RSA |
Recommended symmetric ciphers | Salsa20, ChaCha20, AES |
Recommended minimum key size (symmetric) | 128 bits |
Preferred minimum key size (symmetric) | 256 bits |
Recommended minimum key size (RSA) | 2048 bits |
Preferred minimum key size (RSA) | 4096 bits |

Encryption Modes
Mode | AKA | Should use? | Authenticated? (unauthenticated modes require separate authentication) | Encryption parallelizable? | Decryption parallelizable? | Random read? | Notes |
Electronic Code Book | ECB | No | No | Yes | Yes | Yes | Same plaintext yields same ciphertext. |
Cipher Feedback | CFB | Yes | No | No | Yes | Yes | |
Output Feedback | OFB | Yes | No | No | No | No | |
Cipher Block Chaining | CBC | No | No | No | Yes | Yes | Vulnerable to CBC-R and padding oracle attacks; steps such as encrypt-then-MAC must be taken to mitigate them. |
Counter | CTR | Yes | No | Yes | Yes | Yes | |
Galois Counter Mode | GCM | Recommended | Yes | Yes | Yes | No | Counter mode plus authentication, very efficient. |
EAX Mode | EAX | Yes | | | | | |

Symmetric Ciphers
Cipher | Block size (bits) | Key size (bits) | Stream? | Should use? | Estimated Time to Crack | Notes |
AES | 128 | 128,192,256 | | Yes | | |
DES | 64 | 56 | | No | In 2008 the COPACOBANA RIVYERA reduced the time to break DES to less than one day, using 128 Spartan-3 5000's. | |
3DES | 64 | 168,112,56 | | No | | |
Blowfish | 64 | 32-448 | | Not ideal | | This is the primary cipher used in IRC encryption plugins. |
ChaCha20 | | 256 | Yes | Yes | | |
Salsa20 | | 256 | Yes | Yes | | |
RC4 | | 40-2048 | Yes | No | | |

Asymmetric Encryption
Cipher | ECC? | Signing | Encryption | DH Key exchange | Should use? | Minimum key size | Recommended key size | Notes |
RSA | No | Yes | Yes | Yes | Yes | 2048 | 4096 | |
DSA | No | Yes | Yes | No | No | 2048 | 4096 | |
ElGamal | No | Yes | Yes | No | Yes | 2048 | 4096 | |
ECDSA | Yes | Yes | Yes | No | Yes | 256 | 384 | |
ECDH | Yes | No | No | Yes | Yes | 256 | 384 | |
Ed25519 | Yes | Yes | No | No | Recommended | 512 | 512 | |
Curve25519 | Yes | No | No | Yes | Recommended | 256 | 256 |

Hash functions
Hash | Bits | Broken? | Should use? | Notes |
MD5 | 128 | Yes | No | Collisions can be generated at will with desktop computational power. |
SHA-1 | 160 | Yes | No | Collisions are expensive to generate, but a sufficiently motivated adversary can do it. |
SHA-2 | 224-512 | No | Yes | Pseudo-collisions generated with partial SHA-256, no full attacks. |
SHA-3 (Keccak) | 224-512 | No | Yes | Not widely implemented yet. |

Key Derivation Functions (KDF)
Algorithm | Password? | Requires uniform random input? | Slow? | Notes |
Bcrypt | Yes | No | Yes | |
Scrypt | Yes | No | Yes | |
PBKDF2 | Yes | No | Yes | |
HKDF | No | Yes | No |

Message Authentication Codes (MAC)
Algorithm | Hash-based? | Block cipher based? | Notes |
Poly1305 | No | Yes | |
HMAC | Yes | No | |
CBC-MAC | No | Yes | |
PMAC | No | Yes | |
CMAC | No | Yes |