cryptsystem_64.mli 3 KB
Newer Older
gerd's avatar
gerd committed
1
(* $Id: cryptsystem_64.mli,v 1.2 2001/03/10 16:43:21 gerd Exp $
gerd's avatar
gerd committed
2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46
 * ----------------------------------------------------------------------
 * This module is part of the cryptgps package by Gerd Stolpmann.
 *)

(* The module type of a cryptsystem using 64 bit block ciphers. 
 * Such a module is normally not used directly to encrypt messages.
 * Only interesting for the average programmer are the key handling
 * functions:
 * - prepare: preprocesses the string representation of the key and get
 *   the internal representation. For some ciphers, this is a very expensive
 *   operation (e.g. for blowfish).
 * - is_weak: for some ciphers, some keys have bad characteristics and 
 *   should not be used to encrypt messages. These keys are called weak.
 *
 * HOW TO TRANSFORM A PASSWORD/PASSPHRASE INTO A KEY:
 *
 * It is not recommended to apply 'prepare' directly to the passphrase that
 * the user types in. As letters are much more likely than other characters,
 * and some bits are never used, the number of different keys would be
 * MUCH smaller than the number of possible keys. To avoid this, apply
 * an MD5 hash function on the ascii representation of the passphrase before
 * passing the value to 'prepare', i.e.
 *
 * let k = prepare (Digest.substring passphrase 0 (String.length passphrase))
 *
 * Note, that the resulting key has not more than 128 bits, even if the
 * passphrase is longer. 
 * To get a 256 bit key, you can concatenate the MD5 of the passphrase
 * and the MD5 of the reverted passphrase.
 * Up to now, 128 bit keys are secure.
 *
 *)

module type T =
  sig
    
    type key
      (* This is the internal, often preprocessed representation of keys. *)

    val encrypt_ecb : 
	key -> (int * int * int * int) -> (int * int * int * int)
      (* This is the ECB mode of the encryption function. The four ints
       * are numbers from 0 to 65535, and given from MSB to LSB.
       *)

gerd's avatar
gerd committed
47 48 49 50
    val encrypt_ecb_int32 : 
	key -> int32 -> int32 -> int32 ref -> int32 ref -> unit
      (* The same as encrypt_ecb, but with an int32 interface *)

gerd's avatar
gerd committed
51 52 53 54 55 56
    val decrypt_ecb : 
	key -> (int * int * int * int) -> (int * int * int * int)
      (* This is the ECB mode of the decryption function. The four ints
       * are numbers from 0 to 65535, and given from MSB to LSB.
       *)

gerd's avatar
gerd committed
57 58 59 60
    val decrypt_ecb_int32 : 
        key -> int32 -> int32 -> int32 ref -> int32 ref -> unit
      (* The same as decrypt_ecb, but with an int32 interface *)

gerd's avatar
gerd committed
61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79
    val prepare : string -> key
      (* Prepares the string representation of a key. *)

    val textkey : key -> string
      (* Gets the string representation back *)

    val is_weak : key -> bool
      (* Determines whether the key is known as being weak. Do not use
       * such keys.
       *)
  end
;;
                             


(* ======================================================================
 * History:
 * 
 * $Log: cryptsystem_64.mli,v $
gerd's avatar
gerd committed
80 81 82
 * Revision 1.2  2001/03/10 16:43:21  gerd
 * 	int32 experiments
 *
gerd's avatar
gerd committed
83 84 85 86 87
 * Revision 1.1  1999/06/04 20:42:01  gerd
 * 	Initial revision.
 *
 * 
 *)