<html><body bgcolor="#FFFFFF"><div><div><div>FYI<br><br><br>Forwarded message:<br><br></div><blockquote type="cite"><div><b>From:</b> Jack Lloyd &lt;<a href="mailto:lloyd@randombit.net">lloyd@randombit.net</a>&gt;<br><b>Date:</b> 1 March 2010 18:27:35 CET<br><b>To:</b> botan dev list &lt;<a href="mailto:botan-devel@randombit.net">botan-devel@randombit.net</a>&gt;<br><b>Subject:</b> <b>[Botan-devel] State of 1.9</b><br><b>Reply-To:</b> Botan development list &lt;<a href="mailto:botan-devel@randombit.net">botan-devel@randombit.net</a>&gt;<br><br></div></blockquote><div></div><blockquote type="cite"><div><br><span>A quick update on the status of the 1.9 tree. I've merged Ajisai's SSL/TLS implementation into mainline. Currently it relies on a Socket wrapper class (an implementation exists for BSD sockets), which the SSL code interacts with in a blocking manner. In the long view (before 1.10.0), this will change to be event-driven so there are no socket dependencies in the library proper, and so applications can use whatever interprocess method they prefer (BSD sockets, asio, Winsock, libevent, etc). The code is very alpha still, and I know there is at least one bug that causes crashes in the server-side handshake in the current code. I would encourage anyone who is interested to consider hacking on this stuff; there are a number of useful features (including TLS 1.1 and 1.2, TLS extensions, reading SSLv2 client hellos, etc, etc) that could be very nice to have.</span><br><br><span>I've added the GOST 34.10-2001 signature scheme at the request of the OpenDNSSEC/SoftHSM developers, because GOST is in the process of being added to DNSSEC and apparently will be required for use by the Russian security agencies.</span><br><br><span>SIMD optimizations continue with implementations of IDEA (SSE2 only) and Noekeon (SSE2 or Altivec), and now XTS mode and CBC (decryption only; CBC encryption of a single stream requires iterative operation) will process data using SIMD where possible. So using a SIMD-enabled cipher with these modes offers substantial performance improvements. This will also be useful with AES for those with processors that include AES-NI, since the AES-NI code in botan does 4 blocks in parallel to hide instruction latencies as recommended by Intel.</span><br><br><span>The ECC code has been substantially modified, in particular removing the use of shared_ptr, because it was causing strange crashes with certain GCC versions on certain processors (for instance on x86-32 but not x86-64 with the primary GCC version I use on my machine) that I was unable to diagnose or understand, even with valgrind's help. On the plus side, this change means ECDSA will be available for Windows developers as well. Part of this refactoring included removing many of the Montgomery optimizations that had been included, so currently ECC is substantially slower than it is in 1.8 (and it is not particularly fast there either). My goal with ECC is for ECDSA to be at least 1/2 the speed of OpenSSL's ECDSA by 1.10.0 - since it currently is between 20 and 100 times slower, there is some rather major room for improvement there.</span><br><br><span>A block cipher cascade is now available - for instance "Cascade(Serpent,CAST-128)" is a 128-bit block cipher that encrypts first with Serpent and then with CAST-128 (since CAST-128 is a 64-bit cipher, the two halves of the Serpent output are encrypted separately). Probably more useful is something like "Cascade(Serpent,AES-256)" or (for the uber-paranoid who don't much care about performance) "Cascade(Serpent,Twofish,MARS,RC6,AES-256)". I should add an alias for that last one so it can be called as "AES_Quinfecta".</span><br><br><span>A password hashing scheme (for user authentication, à la crypt(3) or bcrypt) is available. It is a custom scheme based on PBKDF2 called passhash9. I plan on documenting this scheme and providing implementations in C, Python, etc once I have the time (interoperating C and Python implementations are written already but the writeup is not).</span><br><br><span>The S2K interface has changed. Instead of the current API where the salt, iteration counts, etc are set with individual calls, followed by derive_key() taking just the passphrase, all arguments are passed to derive_key. This is simpler and easier to deal with in 99% of the use cases I've encountered.</span><br><br><span>Passing --gen-amalgamation to configure.py will create two files, botan_all.cpp and botan_all.h, which can be included in third-party projects that don't want to depend on an external library. Just compile the .cpp file into your app and use botan_all.h wherever you included any botan header. The assembly code and a few of the SIMD modules are not available in the amalgamation, but everything else is. The amalgamation only includes configured options, so you can create a minimal amalgamation using</span><br><span> --no-autoload --enable-modules=&lt;specific things you need&gt;</span><br><br><span>Things currently holding up the release:</span><br><br><span> - You still can't create static libraries on VC++. --disable-shared is ignored. Lots of requests for this.</span><br><span> - Fixing the SSL handshake crash. Be kind of embarrassing to announce adding SSL to the release when servers don't work at all.</span><br><br><span>Things that would be nice to have before 1.9.4:</span><br><br><span> - Adding Montgomery optimizations back to ECC. Clearly using Barrett reduction for this is not going to cut it, performance-wise.</span><br><span> - Adding ECDH/ECDSA ciphersuites to the SSL implementation. Maybe even the NSA Suite B CBC suites? (RFC 5430).</span><br><br><span>-Jack</span><br><span>_______________________________________________</span><br><span>botan-devel mailing list</span><br><span><a href="mailto:botan-devel@randombit.net">botan-devel@randombit.net</a></span><br><span><a href="http://lists.randombit.net/mailman/listinfo/botan-devel">http://lists.randombit.net/mailman/listinfo/botan-devel</a></span><br></div></blockquote></div><div></div></div><div></div></body></html>