Crypto++ (also known as CryptoPP, libcrypto++, and libcryptopp) is a free and open source C++ class library of cryptographic algorithms and schemes written by Wei Dai. Crypto++ has been widely used in academia, student projects, open source and non-commercial projects, as well as businesses.[1] Released in 1995, the library fully supports 32-bit and 64-bit architectures for many major operating systems, including Apple, BSD, Linux, and Windows. The project also supports compilation under a variety of compilers and IDEs, including Borland Turbo C++, Borland C++ Builder, CodeWarrior Pro, GCC (including Apple's GCC), Intel C++ Compiler (ICC), Microsoft Visual C/C++, and Sun Studio.
Algorithms
Crypto++ ordinarily provides complete cryptographic implementations, and often includes less popular, less frequently used schemes. For example, Camellia is an ISO/NESSIE/IETF-approved block cipher roughly equivalent to AES, and Whirlpool is an ISO/NESSIE/IETF-approved hash function roughly equivalent to SHA; both are included in the library.[2] [3]
Additionally, the Crypto++ library sometimes makes proposed and bleeding-edge algorithms and implementations available for study by the cryptographic community. For example, VMAC, a universal hash-based message authentication code, was added to the library during its submission to the Internet Engineering Task Force (CFRG Working Group); and Brainpool curves, proposed in March 2009 as an Internet Draft in RFC 5639, were added to Crypto++ 5.6.0 in the same month.[4] [5]
| Primitive or Operation | Algorithms or Implementations |
|---|---|
| Pseudorandom number generators | LCG, KDF2, Blum Blum Shub, ANSI X9.17 |
| High speed stream ciphers | Panama, Sosemanuk, Salsa20, XSalsa20 |
| AES and AES candidates | Rijndael (AES selection), RC6, MARS, Twofish, Serpent, CAST-256 |
| Other block ciphers | IDEA, Triple-DES (DES-EDE2 and DES-EDE3), Camellia, SEED, RC5, Blowfish, TEA, XTEA, Skipjack, SHACAL-2 |
| Block cipher modes of operation | ECB, CBC, Ciphertext stealing (CTS), CFB, OFB, Counter (CTR) |
| Authenticated encryption modes | CCM, GCM, EAX |
| Block cipher padding schemes | PKCS#5, PKCS#7, Zeros, One and zeros |
| Message authentication codes | VMAC, HMAC, CMAC, CBC-MAC, DMAC, Two-Track-MAC |
| Hash functions | SHA-1, SHA-2 (SHA-224, SHA-256, SHA-384, and SHA-512), Tiger, WHIRLPOOL, RIPEMD-128, RIPEMD-256, RIPEMD-160, RIPEMD-320 |
| Password based key derivation functions | PBKDF1 and PBKDF2 from PKCS #5, PBKDF from PKCS #12 appendix B |
| Public-key cryptography | RSA, DSA, ElGamal, Nyberg-Rueppel (NR), Rabin-Williams (RW), LUC, LUCELG, DLIES (variants of DHAES), ESIGN |
| Padding schemes for public-key systems | PKCS#1 v2.0, OAEP, PSS, PSSR, IEEE P1363 EMSA2 and EMSA5 |
| Key agreement schemes | Diffie-Hellman (DH), Unified Diffie-Hellman (DH2), Menezes-Qu-Vanstone (MQV), LUCDIF, XTR-DH |
| Elliptic curve cryptography | ECDSA, ECNR, ECIES, ECDH, ECMQV |
| Secret Sharing | Shamir's secret sharing scheme, Rabin's information dispersal algorithm (IDA) |
The library also makes available primitives for number theoretic operations such as fast multi-precision integers; prime number generation and verification; finite field arithmetic, including GF(p) and GF(2^n); elliptic curves; and polynomial operations.
Furthermore, the library retains a collection of insecure or obsolescent algorithms for backward compatibility and historical value: MD2, MD4, MD5, Panama Hash, DES, ARC4, SEAL 3.0, WAKE, WAKE-OFB, DESX (DES-XEX3), RC2, SAFER, 3-WAY, GOST, SHARK, CAST-128, and Square.
Performance
In a 2007 ECRYPT workshop paper focusing on public key implementations of eight libraries, Ashraf Abusharekh and Kris Gaj found that "Crypto++ 5.1 [sic] leads in terms of support for cryptographic primitives and schemes, but is the slowest of all investigated libraries."[6]
In speed tests carried out in 2008 by Timo Bingmann, covering seven open source security libraries and 15 block ciphers, Crypto++ 5.5.2 was the top performing library under two block ciphers, and did not rank below the average library performance under the remaining block ciphers.[7]
Crypto++ also includes an auto-benchmarking feature, available from the command line (cryptest.exe b), the results of which are available at Crypto++ 5.6.0 Benchmarks.[8]
As with many other cryptographic libraries available for 32-bit and 64-bit x86 architectures, Crypto++ includes assembly routines for AES using AES-NI. With AES-NI, AES performance improves dramatically: 128-bit AES/GCM throughput increases from approximately 28.0 cycles per byte to 3.5 cycles per byte.[9] [10] [11]
Version Releases
Crypto++ 1.0 was released in June 1995. Since its initial release, the library has seen nearly two dozen revisions, including an architectural change in version 5.0.[12][13] There have been eight releases using the version 5.0 architecture as of August 2010.[14]
| Version | Released Date |
|---|---|
| Crypto++ 5.0 | September 11, 2002 |
| Crypto++ 5.1 | March 24, 2003 |
| Crypto++ 5.2.1 | July 21, 2004 |
| Crypto++ 5.4 | December 23, 2006 |
| Crypto++ 5.5.1 | May 25, 2007 |
| Crypto++ 5.5.2 | September 24, 2007 |
| Crypto++ 5.6.0 | March 15, 2009 |
| Crypto++ 5.6.1 | August 9, 2010 |
Lawrence Teo's compilation of previous Crypto++ releases dating back to 1995 can be found in the users group archives.[15]
FIPS Compliance
Unlike OpenSSL, which encountered post-validation issues from closed-sourced, for-profit factions,[16] Crypto++ has received three Federal Information Processing Standard (FIPS) 140-2 Level 1 module validations with no post-validation issues.[17]
| Version | Certificate | Dates |
|---|---|---|
| Crypto++ 5.0.4 | Certificate 343[18] | 2003-09-05, 2005-10-28 |
| Crypto++ 5.2.3 | Certificate 562[19] | 2005-07-29, 2005-08-24, 2005-10-28 |
| Crypto++ 5.3.0 | Certificate 819[20] | 2007-08-13, 2007-08-17 |
Licensing
As of version 5.6.1, Crypto++ consists of only public domain files, with a compilation copyright and a single open source license for the compilation copyright.[21]
See also
- Computer science
- Symmetric cipher
References
- J. Kelsey, B. Schneier, D. Wagner, C. Hall (1998). "Cryptanalytic Attacks on Pseudorandom Number Generators". Fast Software Encryption, 5th International Proceedings. http://www.schneier.com/paper-prngs.pdf. Retrieved 2010-08-10.
- C. Adjih, D. Raffo, P. Mühlethaler (2004). "OLSR: Distributed Key Management for Security". Independent Research. http://www2.lifl.fr/SERAC/downloads/attacks-olsr-dkm.pdf. Retrieved 2010-08-10.
- X. Yinglian, M. K. Reiter, D. O'Hallaron (2006). "Protecting Privacy in Key-Value Search Systems". Computer Security Applications Conference (ACSAC). http://www.cs.cmu.edu/~ylxie/papers/report03.pdf. Retrieved 2010-08-10.
- T. Zidenberg (2010). "Optimizing Crypto++ library for P4". Technion, Israel Institute of Technology Website. http://softlab-pro-web.technion.ac.il/projects/cryptoppopt/html/projectBook.html. Retrieved 2010-08-10.
External links
- Official website
- Crypto++ SourceForge project
- List of projects that use Crypto++ (Includes nonprofit and for profit projects)
- Crypto++ users group