On Thursday, November 16, 2017 at 8:32:59 PM UTC-5, El Ray wrote:
> ...
>
> Has anyone successfully used threefish-1024 (or -512 which I surmise would have the same issue)?

This looks like a bug on our (my?) part. I say "my" because I cut it in.

Looking at our test vectors, we could only get a hold of ECB mode. We exercise a Tweak but not an IV. Cf., https://github.com/weidai11/cryptopp/blob/master/TestVectors/threefish.txt . The last time I checked, Botan is missing Threefish-1024, so I could not produce them from Botan, either.

Looking at the source code, it looks like IV_Length=32 is wrong for Threefish-1024. It is the default IV length, and it is paired with the default key length. Later, when a key is set, IVLength() should return the correct length under a key. That's how it is supposed to work. The wrinkle is, we may not be getting dynamic dispatch such that IVLength() and Blocksize() are being called, so we stay latched on the initial value.

This is part of a bigger engineering discomfort/problem when trying to add variable block sizes to the library (which happened in May 2017). Here are a couple of bug reports we used to track them: "Add support for variable block sizes", https://github.com/weidai11/cryptopp/issues/408 and "Add Threefish block cipher" https://github.com/weidai11/cryptopp/issues/422.

After we cut in variable block sizes I felt a little uneasy about them. They felt like they were a little forced. At this point I think we should backpedal a bit and walk away from variable block ciphers using the "wait until a key is set to take shape" pattern. I think we should just provide Threefish_256, Threefish_512 and Threefish_1024 classes. We can rework them using a common base so base class pointers and references work as expected.

Give us a day or two for Threefish_256, Threefish_512 and Threefish_1024. It should be a quick cut-over.

We also need to get a hold of more test vectors. Does anyone happen to know where additional test vectors are available for the Threefish block cipher? (Skein vectors are readily available. It's the Threefish block cipher that's missing them.)

Jeff
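
An added illustration, not part of the original message and not Crypto++ code, of one way an IV length can stay "latched on the initial value" under the "wait until a key is set to take shape" pattern, next to the one-class-per-size layout proposed above. Every class and function name here is hypothetical; the only facts assumed are the default of 32 bytes mentioned in the message and that a Threefish block is the same size as its key.

```cpp
#include <cstddef>
#include <cstdio>

// Hypothetical interface (not Crypto++'s): block size is a runtime property.
struct CipherBase {
    virtual ~CipherBase() {}
    virtual std::size_t BlockSize() const = 0;
};

// Pattern 1: one class that "takes shape" only once a key is set.
struct VariableCipher : CipherBase {
    enum { DEFAULT_BLOCKSIZE = 32 };           // paired with the default key length
    std::size_t m_blockSize;
    VariableCipher() : m_blockSize(DEFAULT_BLOCKSIZE) {}
    void SetKey(std::size_t keyLen) { m_blockSize = keyLen; }  // Threefish: block == key size
    std::size_t BlockSize() const override { return m_blockSize; }
};

// Pattern 2: one class per size behind the common base.
template <std::size_t N>
struct FixedCipher : CipherBase {
    std::size_t BlockSize() const override { return N; }
};

// Mode wrapper that reads the block size once, before any key exists.
struct LatchingMode {
    std::size_t m_ivLen;
    explicit LatchingMode(const CipherBase& c) : m_ivLen(c.BlockSize()) {}
    std::size_t IVLength() const { return m_ivLen; }
};

// IV length a caller sees for a 1024-bit (128-byte) key under pattern 1.
std::size_t VariableIvLength() {
    VariableCipher cipher;
    LatchingMode mode(cipher);   // latches 32
    cipher.SetKey(128);          // cipher now has 128-byte blocks
    return mode.IVLength();      // still the stale default
}

// Same wrapper, pattern 2: the size is fixed by the type, so nothing is stale.
std::size_t FixedIvLength() {
    FixedCipher<128> cipher;
    LatchingMode mode(cipher);
    return mode.IVLength();
}

int main() {
    std::printf("variable: %zu, fixed: %zu\n", VariableIvLength(), FixedIvLength());
    return 0;
}
```

A mismatch like the first result is the kind of thing an ECB-only test vector file cannot catch, since no IV is ever exercised.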
