Extending%20Kryptos%20with%20OpenSSL - PowerPoint PPT Presentation

About This Presentation
Title:

Extending%20Kryptos%20with%20OpenSSL

Description:

Extending Kryptos with OpenSSL Group IL-2: John Gibson Theodore Winograd Background Kryptos is educational software for cryptography developed at GMU. – PowerPoint PPT presentation

Number of Views:96
Avg rating:3.0/5.0
Slides: 13
Provided by: Gib70
Category:

less

Transcript and Presenter's Notes

Title: Extending%20Kryptos%20with%20OpenSSL


1
Extending Kryptos with OpenSSL
  • Group IL-2
  • John Gibson
  • Theodore Winograd

2
Background
  • Kryptos is educational software for cryptography
    developed at GMU.
  • Used in ECE 646 and 746 labs
  • Original version part of MS thesis in 2004.
  • Previous versions used only the Crypto library.
  • Why add another library?
  • Not all libraries implement same ciphers.
  • Examine implementation differences between
    libraries.

3
Accomplishments
  • Kryptos interfaces with both Crypto and OpenSSL
  • OpenSSL support for hash algorithms
  • MD2, MD4, MD5, SHA-1, SHA-256, SHA-384, SHA-512,
    RIPEMD-160
  • OpenSSL support for symmetric ciphers
  • DES, 3DES (EDE2 and EDE3), IDEA, AES, DESX,
    Blowfish
  • ECB, CBC, CFB, OFB modes
  • Kryptos development moved to Visual C 2005
  • updated Crypto library to snapshot 20060419
    (version 5.3 development)
  • SourceForge project
  • http//www.sourceforge.net/projects/kryptosproject
  • Code imported to Subversion repository
  • LibKryptos side project

4
Library Linking
  • Previous Kryptos code statically linked to
    Crypto
  • End product was single executable
  • Must be rebuilt for every library update
  • Both Crypto and OpenSSL have DLL options for
    Windows.
  • Crypto DLL only supports their FIPS validated
    algorithms. Would still need to statically link
    non-FIPS validated ones.
  • OpenSSL DLL supports all algorithms
  • Both libraries have FIPS version, but lag behind
    newest releases
  • Conflicting remarks if FIPS OpenSSL may be built
    with Visual C

5
Our path
  • DLL for OpenSSL, not for Crypto
  • Kryptos is educational software, how important is
    use of FIPS validated algorithms?
  • will ensure the operation is correct
  • wont have newest versions of libraries
  • We chose not to use FIPS validated versions of
    libraries
  • Used OpenSSL 0.9.8d
  • First wrote sample code (external to Kryptos) to
    test using OpenSSL DLL
  • Added GUI components for OpenSSL to Kryptos

6
Kryptos Structure
  • KryptosDlg.cpp controls the action
  • OnAlgorithmSet
  • Pulls up the list of algorithms
  • OnAlgorithmParametersSetAlg
  • Pulls up the list of algorithm parameters
  • OnTnwDialogButtonTransform
  • Loads files
  • Calls CCryptoPPLink
  • OnLibSet
  • Allows library selection
  • CCryptoPPLink is linkage between Kryptos and
    Crypto library.

7
Kryptos Structure changes
  • Created CCryptoLink class
  • abstract layer between Kryptos and libraries
  • parent of CCryptoPPLink
  • Kryptos using CCryptoLink instead of CryptoPPLink
    directly
  • Set all non-virtual CCryptoPPLink functions and
    attributes private
  • Kryptos tested and working with polymorphism
  • Created OpenSSLLink class
  • Implemented hashing and symmetric cipher OpenSSL
    interfaces

8
Bumps along the road
  • Version of Crypto used in Kryptos 2.0 not
    compatible with Visual C 2005
  • Existing code doesnt separate GUI and biz logic
  • Bugs in previous code version (IDEA key size)
  • Kryptos and Crypto tightly coupled for public
    key
  • Existing code needed cleanup
  • removed unused files from project
  • fixed code where longs assigned to ints
  • fixed signed/unsigned mismatches
  • muted Visual C warnings on unsafe function
    calls (i.e. strcpy)
  • updated about dialog box info

9
Performance Comparison
  • One library is not faster for all algorithms
    ?
  • Debug code is much slower than release
  • SHA-512 of Solaris 10 x86 06/06 DVD ISO (2.81
    GB), without I/O
  • Debug Crypto
  • 484.544551 seconds, 886,111,515,487 cycles
  • Release Crypto
  • 103.896974 seconds, 190,001,626,958 cycles
  • OpenSSL (release DLL) 105.715715 seconds,
    193,327,758,910 cycles

10
Screenshots
  • Kryptos 3.0
  • library selection
  • LibKryptos

11
Future work
  • Enable more algorithms offered via the Crypto
    and OpenSSL libraries.
  • Add more libraries
  • GUI improvements
  • Scripting or batch mode
  • Numerical analysis support for results
  • Hunt down pesky bugs that cause crashes
  • Cleanup and further document the code

12
In Closing...
  • Kryptos has been extended to use another library.
  • Available at http//www.sourceforge.net/projects/k
    ryptosporject
  • Any questions?
Write a Comment
User Comments (0)
About PowerShow.com