Questions about this topic? Sign up to ask in the talk tab.
Difference between revisions of "List of cryptography functions"
From NetSec
| Line 25: | Line 25: | ||
| align="center" style="background:#f0f0f0;"|'''AKA''' | | align="center" style="background:#f0f0f0;"|'''AKA''' | ||
| align="center" style="background:#f0f0f0;"|'''Should use?''' | | align="center" style="background:#f0f0f0;"|'''Should use?''' | ||
| + | | align="center" style="background:#f0f0f0;"|'''Authenticated?''' | ||
| align="center" style="background:#f0f0f0;"|'''Encryption parallelizable?''' | | align="center" style="background:#f0f0f0;"|'''Encryption parallelizable?''' | ||
| align="center" style="background:#f0f0f0;"|'''Decryption parallelizable?''' | | align="center" style="background:#f0f0f0;"|'''Decryption parallelizable?''' | ||
| Line 30: | Line 31: | ||
| align="center" style="background:#f0f0f0;"|'''Notes''' | | align="center" style="background:#f0f0f0;"|'''Notes''' | ||
|- | |- | ||
| − | | Electronic Code Book||ECB||No||Yes||Yes||Yes||Same plaintext yields same ciphertext. | + | | Electronic Code Book||ECB||No||No||Yes||Yes||Yes||Same plaintext yields same ciphertext. |
|- | |- | ||
| − | | Cipher Feedback||CFB||Yes | + | | Cipher Feedback||CFB||Yes||No||No||Yes||Yes|| |
|- | |- | ||
| − | | Output Feedback||OFB||Yes | + | | Output Feedback||OFB||Yes||No||No||No||No|| |
|- | |- | ||
| − | | Cipher Block Chaining||CBC||Yes | + | | Cipher Block Chaining||CBC||Yes||No||No||Yes||Yes|| |
|- | |- | ||
| − | | Counter||CTR||Yes | + | | Counter||CTR||Yes||No||Yes||Yes||Yes|| |
|- | |- | ||
| − | | Galois Counter Mode||GCM||Recommended||Yes||Yes||No||Counter mode plus authentication, very efficient. | + | | Galois Counter Mode||GCM||Recommended||Yes||Yes||Yes||No||Counter mode plus authentication, very efficient. |
|- | |- | ||
|} | |} | ||
Revision as of 18:52, 18 October 2015
| Name | Value |
| Recommended public key algorithms | Curve25519, Ed25519, ECDSA, RSA |
| Recommended symmetric ciphers | Salsa20, ChaCha20, AES |
| Recommended minimum key size (symmetric) | 128 bits |
| Preferred minimum key size (symmetric) | 256 bits |
| Recommended minimum key size (RSA) | 2048 bits |
| Preferred minimum key size (RSA) | 4096 bits |
| Mode | AKA | Should use? | Authenticated? | Encryption parallelizable? | Decryption parallelizable? | Random read? | Notes |
| Electronic Code Book | ECB | No | No | Yes | Yes | Yes | Same plaintext yields same ciphertext. |
| Cipher Feedback | CFB | Yes | No | No | Yes | Yes | |
| Output Feedback | OFB | Yes | No | No | No | No | |
| Cipher Block Chaining | CBC | Yes | No | No | Yes | Yes | |
| Counter | CTR | Yes | No | Yes | Yes | Yes | |
| Galois Counter Mode | GCM | Recommended | Yes | Yes | Yes | No | Counter mode plus authentication, very efficient. |
| Cipher | Block size (bits) | Key size (bits) | Stream? | Should use? | Estimated Time to Crack | Notes | |
| AES | 128 | 128,192,256 | Yes | ||||
| DES | 64 | 56 | No | In 2008 their COPACOBANA RIVYERA reduced the time to break DES to less than one day, using 128 Spartan-3 5000's. | |||
| 3DES | 64 | 168,112,56 | No | ||||
| Blowfish | 64 | 32-448 | Not ideal | This is the primary mode of encryption used in IRC encryption plugins. | |||
| Hash | Bits | Broken? | Should use? | Notes |
| MD5 | 128 | Yes | No | Collisions can be generated at will with desktop computational power. |
| SHA-1 | 160 | Yes | No | Collision are expensive to generate, but a sufficiently motivated adversary can do it. |
| SHA-2 | 224-512 | No | Yes | Pseudo-collisions generated with partial SHA-256, no full attacks. |
| SHA-3 (Keccak) | 224-512 | No | Yes | Not widely implemented yet. |
