From c210f24853fddfdf89fd98369ff7b58d336ab800 Mon Sep 17 00:00:00 2001 From: Steffen Jaeckel Date: Wed, 20 Sep 2017 13:54:42 +0200 Subject: [PATCH] IV is short for 'initialization vector' --- doc/crypt.tex | 40 +++++++++---------- .../chachapoly/chacha20poly1305_memory.c | 4 +- src/encauth/gcm/gcm_memory.c | 4 +- src/headers/tomcrypt_cipher.h | 4 +- src/mac/hmac/hmac_init.c | 2 +- src/modes/cbc/cbc_getiv.c | 6 +-- src/modes/cbc/cbc_setiv.c | 4 +- src/modes/cbc/cbc_start.c | 2 +- src/modes/cfb/cfb_getiv.c | 6 +-- src/modes/cfb/cfb_setiv.c | 4 +- src/modes/cfb/cfb_start.c | 2 +- src/modes/ctr/ctr_getiv.c | 6 +-- src/modes/ctr/ctr_setiv.c | 4 +- src/modes/ctr/ctr_start.c | 2 +- src/modes/f8/f8_getiv.c | 6 +-- src/modes/f8/f8_setiv.c | 4 +- src/modes/f8/f8_start.c | 2 +- src/modes/ofb/ofb_getiv.c | 6 +-- src/modes/ofb/ofb_setiv.c | 4 +- src/modes/ofb/ofb_start.c | 2 +- 20 files changed, 57 insertions(+), 57 deletions(-) diff --git a/doc/crypt.tex b/doc/crypt.tex index 13a0f88..5f62fce 100644 --- a/doc/crypt.tex +++ b/doc/crypt.tex @@ -781,7 +781,7 @@ This snippet is a small program that registers Rijndael. \subsection{Background} A typical symmetric block cipher can be used in chaining modes to effectively encrypt messages larger than the block size of the cipher. Given a key $k$, a plaintext $P$ and a cipher $E$ we shall denote the encryption of the block -$P$ under the key $k$ as $E_k(P)$. In some modes there exists an initial vector denoted as $C_{-1}$. +$P$ under the key $k$ as $E_k(P)$. In some modes there exists an initialization vector denoted as $C_{-1}$. \subsubsection{ECB Mode} \index{ECB mode} 
@@ -799,19 +799,19 @@ It is given as: \begin{equation} C_i = E_k(P_i \oplus C_{i - 1}) \end{equation} -It is important that the initial vector be unique and preferably random for each message encrypted under the same key. +It is important that the initialization vector be unique and preferably random for each message encrypted under the same key. \subsubsection{CTR Mode} \index{CTR mode} -CTR or Counter Mode is a mode which only uses the encryption function of the cipher. Given a initial vector which is +CTR or Counter Mode is a mode which only uses the encryption function of the cipher. Given a initialization vector which is treated as a large binary counter the CTR mode is given as: \begin{eqnarray} C_{-1} = C_{-1} + 1\mbox{ }(\mbox{mod }2^W) \nonumber \\ C_i = P_i \oplus E_k(C_{-1}) \end{eqnarray} -Where $W$ is the size of a block in bits (e.g. 64 for Blowfish). As long as the initial vector is random for each message +Where $W$ is the size of a block in bits (e.g. 64 for Blowfish). As long as the initialization vector is random for each message encrypted under the same key replay and swap attacks are infeasible. CTR mode may look simple but it is as secure -as the block cipher is under a chosen plaintext attack (provided the initial vector is unique). +as the block cipher is under a chosen plaintext attack (provided the initialization vector is unique). \subsubsection{CFB Mode} \index{CFB mode} @@ -822,7 +822,7 @@ C_{-1} = E_k(C_i) \end{eqnarray} Note that in this library the output feedback width is equal to the size of the block cipher. That is this mode is used to encrypt whole blocks at a time. However, the library will buffer data allowing the user to encrypt or decrypt partial -blocks without a delay. When this mode is first setup it will initially encrypt the initial vector as required. +blocks without a delay. When this mode is first setup it will initially encrypt the initialization vector as required. \subsubsection{OFB Mode} \index{OFB mode} 
@@ -1012,7 +1012,7 @@ int main(void) /* start up CTR mode */ if ((err = ctr_start( find_cipher("twofish"), /* index of desired cipher */ - IV, /* the initial vector */ + IV, /* the initialization vector */ key, /* the secret key */ 16, /* length of secret key (16 bytes) */ 0, /* 0 == default # of rounds */ @@ -1786,7 +1786,7 @@ With CCM, a header is meta--data you want to send with the message but not have as \textit{aadlen}. \subsection{Nonce Vector} -After the state has been initialized (or reset) the next step is to add the session (or packet) initial vector. It should be unique per packet encrypted. +After the state has been initialized (or reset) the next step is to add the session (or packet) initialization vector. It should be unique per packet encrypted. \index{ccm\_add\_nonce()} \begin{verbatim} @@ -1973,7 +1973,7 @@ Galois counter mode is an IEEE proposal for authenticated encryption (also it is however, unlike EAX it cannot accept \textit{additional authentication data} (meta--data) after plaintext has been processed. This mode also only works with block ciphers with a 16--byte block. -A GCM stream is meant to be processed in three modes, one after another. First, the initial vector (per session) data is processed. This should be +A GCM stream is meant to be processed in three modes, one after another. First, the initialization vector (per session) data is processed. This should be unique to every session. Next, the the optional additional authentication data is processed, and finally the plaintext (or ciphertext depending on the direction). \subsection{Initialization} 
@@ -1989,8 +1989,8 @@ int gcm_init( gcm_state *gcm, This initializes the GCM state \textit{gcm} for the given cipher indexed by \textit{cipher}, with a secret key \textit{key} of length \textit{keylen} octets. The cipher chosen must have a 16--byte block size (e.g., AES). -\subsection{Initial Vector} -After the state has been initialized (or reset) the next step is to add the session (or packet) initial vector. It should be unique per packet encrypted. +\subsection{Initialization Vector} +After the state has been initialized (or reset) the next step is to add the session (or packet) initialization vector. It should be unique per packet encrypted. \index{gcm\_add\_iv()} \begin{verbatim} @@ -1998,7 +1998,7 @@ int gcm_add_iv( gcm_state *gcm, const unsigned char *IV, unsigned long IVlen); \end{verbatim} -This adds the initial vector octets from \textit{IV} of length \textit{IVlen} to the GCM state \textit{gcm}. You can call this function as many times as required +This adds the initialization vector octets from \textit{IV} of length \textit{IVlen} to the GCM state \textit{gcm}. You can call this function as many times as required to process the entire IV. Note: the GCM protocols provides a \textit{shortcut} for 12--byte IVs where no pre-processing is to be done. If you want to minimize per packet latency it is ideal @@ -2193,8 +2193,8 @@ int chacha20poly1305_init(chacha20poly1305_state *st, This initializes the ChaCha20--Poly1305 state \textit{st} with a secret key \textit{key} of length \textit{keylen} octets (valid lengths: 32 or 16). -\subsection{Initial Vector} -After the state has been initialized the next step is to add the initial vector. +\subsection{Initialization Vector} +After the state has been initialized the next step is to add the initialization vector. \index{chacha20poly1305\_setiv()} \begin{verbatim} 
@@ -2202,7 +2202,7 @@ int chacha20poly1305_setiv(chacha20poly1305_state *st, const unsigned char *iv, unsigned long ivlen); \end{verbatim} -This adds the initial vector from \textit{iv} of length \textit{ivlen} octects (valid lengths: 8 or 12) to +This adds the initialization vector from \textit{iv} of length \textit{ivlen} octects (valid lengths: 8 or 12) to the ChaCha20--Poly1305 state \textit{st}. \index{chacha20poly1305\_setiv\_rfc7905()} @@ -2212,7 +2212,7 @@ int chacha20poly1305_setiv_rfc7905(chacha20poly1305_state *st, unsigned long ivlen, ulong64 sequence_number); \end{verbatim} -This also adds the initial vector from \textit{iv} of length \textit{ivlen} octects (valid lengths: 8 or 12) to +This also adds the initialization vector from \textit{iv} of length \textit{ivlen} octects (valid lengths: 8 or 12) to the state \textit{st} but it also incorporates 64bit \textit{sequence\_number} into IV as described in RFC7905. You can call only one of \textit{chacha20poly1305\_setiv} or \textit{chacha20poly1305\_setiv\_rfc7905}. @@ -6163,7 +6163,7 @@ As above, but we generate as many bytes as requested in outlen per the OpenSSL e \subsection{Algorithm Two} Algorithm Two is the recommended algorithm for this task. It allows variable length salts, and can produce outputs larger than the -hash functions output. As such, it can easily be used to derive session keys for ciphers and MACs as well initial vectors as required +hash functions output. As such, it can easily be used to derive session keys for ciphers and MACs as well initialization vectors as required from a single password and invocation of this algorithm. \index{pkcs\_5\_alg2()} 
@@ -7295,8 +7295,8 @@ struct ltc_cipher_descriptor { /** Accelerated GCM packet (one shot) @param key The secret key @param keylen The length of the secret key - @param IV The initial vector - @param IVlen The length of the initial vector + @param IV The initialization vector + @param IVlen The length of the initialization vector @param adata The additional authentication data (header) @param adatalen The length of the adata @param pt The plaintext @@ -7412,7 +7412,7 @@ through the accel\_ecb\_encrypt and accel\_ecb\_decrypt pointers. The \textit{b \subsubsection{Accelerated CBC} These two functions are meant for accelerated CBC encryption. These functions are accessed through the accel\_cbc\_encrypt and accel\_cbc\_decrypt pointers. -The \textit{blocks} value is the number of complete blocks to process. The \textit{IV} is the CBC initial vector. It is an input upon calling this function and must be +The \textit{blocks} value is the number of complete blocks to process. The \textit{IV} is the CBC initialization vector. It is an input upon calling this function and must be updated by the function before returning. \subsubsection{Accelerated CTR} diff --git a/src/encauth/chachapoly/chacha20poly1305_memory.c b/src/encauth/chachapoly/chacha20poly1305_memory.c index b9e4d2e..e1999cb 100644 --- a/src/encauth/chachapoly/chacha20poly1305_memory.c +++ b/src/encauth/chachapoly/chacha20poly1305_memory.c @@ -15,8 +15,8 @@ Process an entire GCM packet in one call. @param key The secret key @param keylen The length of the secret key - @param iv The initial vector - @param ivlen The length of the initial vector + @param iv The initialization vector + @param ivlen The length of the initialization vector @param aad The additional authentication data (header) @param aadlen The length of the aad @param in The plaintext diff --git a/src/encauth/gcm/gcm_memory.c b/src/encauth/gcm/gcm_memory.c index 0c8eed8..7b59960 100644 --- a/src/encauth/gcm/gcm_memory.c 
+++ b/src/encauth/gcm/gcm_memory.c @@ -20,8 +20,8 @@ @param cipher Index of cipher to use @param key The secret key @param keylen The length of the secret key - @param IV The initial vector - @param IVlen The length of the initial vector + @param IV The initialization vector + @param IVlen The length of the initialization vector @param adata The additional authentication data (header) @param adatalen The length of the adata @param pt The plaintext diff --git a/src/headers/tomcrypt_cipher.h b/src/headers/tomcrypt_cipher.h index c4361cd..2ed201d 100644 --- a/src/headers/tomcrypt_cipher.h +++ b/src/headers/tomcrypt_cipher.h @@ -499,8 +499,8 @@ extern struct ltc_cipher_descriptor { /** Accelerated GCM packet (one shot) @param key The secret key @param keylen The length of the secret key - @param IV The initial vector - @param IVlen The length of the initial vector + @param IV The initialization vector + @param IVlen The length of the initialization vector @param adata The additional authentication data (header) @param adatalen The length of the adata @param pt The plaintext diff --git a/src/mac/hmac/hmac_init.c b/src/mac/hmac/hmac_init.c index 79e1f24..6b6505e 100644 --- a/src/mac/hmac/hmac_init.c +++ b/src/mac/hmac/hmac_init.c @@ -75,7 +75,7 @@ int hmac_init(hmac_state *hmac, int hash, const unsigned char *key, unsigned lon zeromem((hmac->key) + keylen, (size_t)(LTC_HMAC_BLOCKSIZE - keylen)); } - /* Create the initial vector for step (3) */ + /* Create the initialization vector for step (3) */ for(i=0; i < LTC_HMAC_BLOCKSIZE; i++) { buf[i] = hmac->key[i] ^ 0x36; } diff --git a/src/modes/cbc/cbc_getiv.c b/src/modes/cbc/cbc_getiv.c index ef2e659..fbf6834 100644 --- a/src/modes/cbc/cbc_getiv.c +++ b/src/modes/cbc/cbc_getiv.c 
@@ -16,9 +16,9 @@ #ifdef LTC_CBC_MODE /** - Get the current initial vector - @param IV [out] The destination of the initial vector - @param len [in/out] The max size and resulting size of the initial vector + Get the current initialization vector + @param IV [out] The destination of the initialization vector + @param len [in/out] The max size and resulting size of the initialization vector @param cbc The CBC state @return CRYPT_OK if successful */ diff --git a/src/modes/cbc/cbc_setiv.c b/src/modes/cbc/cbc_setiv.c index 06352ad..255d641 100644 --- a/src/modes/cbc/cbc_setiv.c +++ b/src/modes/cbc/cbc_setiv.c @@ -17,8 +17,8 @@ #ifdef LTC_CBC_MODE /** - Set an initial vector - @param IV The initial vector + Set an initialization vector + @param IV The initialization vector @param len The length of the vector (in octets) @param cbc The CBC state @return CRYPT_OK if successful diff --git a/src/modes/cbc/cbc_start.c b/src/modes/cbc/cbc_start.c index 93dd793..6c5c52c 100644 --- a/src/modes/cbc/cbc_start.c +++ b/src/modes/cbc/cbc_start.c @@ -18,7 +18,7 @@ /** Initialize a CBC context @param cipher The index of the cipher desired - @param IV The initial vector + @param IV The initialization vector @param key The secret key @param keylen The length of the secret key (octets) @param num_rounds Number of rounds in the cipher desired (0 for default) diff --git a/src/modes/cfb/cfb_getiv.c b/src/modes/cfb/cfb_getiv.c index e25d333..b972c72 100644 --- a/src/modes/cfb/cfb_getiv.c +++ b/src/modes/cfb/cfb_getiv.c @@ -16,9 +16,9 @@ #ifdef LTC_CFB_MODE /** - Get the current initial vector - @param IV [out] The destination of the initial vector - @param len [in/out] The max size and resulting size of the initial vector + Get the current initialization vector + @param IV [out] The destination of the initialization vector + @param len [in/out] The max size and resulting size of the initialization vector @param cfb The CFB state @return CRYPT_OK if successful */ 
diff --git a/src/modes/cfb/cfb_setiv.c b/src/modes/cfb/cfb_setiv.c index ff4acc9..4495bf5 100644 --- a/src/modes/cfb/cfb_setiv.c +++ b/src/modes/cfb/cfb_setiv.c @@ -16,8 +16,8 @@ #ifdef LTC_CFB_MODE /** - Set an initial vector - @param IV The initial vector + Set an initialization vector + @param IV The initialization vector @param len The length of the vector (in octets) @param cfb The CFB state @return CRYPT_OK if successful diff --git a/src/modes/cfb/cfb_start.c b/src/modes/cfb/cfb_start.c index 6a97287..e49b119 100644 --- a/src/modes/cfb/cfb_start.c +++ b/src/modes/cfb/cfb_start.c @@ -19,7 +19,7 @@ /** Initialize a CFB context @param cipher The index of the cipher desired - @param IV The initial vector + @param IV The initialization vector @param key The secret key @param keylen The length of the secret key (octets) @param num_rounds Number of rounds in the cipher desired (0 for default) diff --git a/src/modes/ctr/ctr_getiv.c b/src/modes/ctr/ctr_getiv.c index 36ee393..cbf92db 100644 --- a/src/modes/ctr/ctr_getiv.c +++ b/src/modes/ctr/ctr_getiv.c @@ -16,9 +16,9 @@ #ifdef LTC_CTR_MODE /** - Get the current initial vector - @param IV [out] The destination of the initial vector - @param len [in/out] The max size and resulting size of the initial vector + Get the current initialization vector + @param IV [out] The destination of the initialization vector + @param len [in/out] The max size and resulting size of the initialization vector @param ctr The CTR state @return CRYPT_OK if successful */ diff --git a/src/modes/ctr/ctr_setiv.c b/src/modes/ctr/ctr_setiv.c index dbbf6a8..64d73a1 100644 --- a/src/modes/ctr/ctr_setiv.c +++ b/src/modes/ctr/ctr_setiv.c @@ -16,8 +16,8 @@ #ifdef LTC_CTR_MODE /** - Set an initial vector - @param IV The initial vector + Set an initialization vector + @param IV The initialization vector @param len The length of the vector (in octets) @param ctr The CTR state @return CRYPT_OK if successful 
diff --git a/src/modes/ctr/ctr_start.c b/src/modes/ctr/ctr_start.c index e77af41..039fdd6 100644 --- a/src/modes/ctr/ctr_start.c +++ b/src/modes/ctr/ctr_start.c @@ -19,7 +19,7 @@ /** Initialize a CTR context @param cipher The index of the cipher desired - @param IV The initial vector + @param IV The initialization vector @param key The secret key @param keylen The length of the secret key (octets) @param num_rounds Number of rounds in the cipher desired (0 for default) diff --git a/src/modes/f8/f8_getiv.c b/src/modes/f8/f8_getiv.c index 7be74cf..a5885c9 100644 --- a/src/modes/f8/f8_getiv.c +++ b/src/modes/f8/f8_getiv.c @@ -16,9 +16,9 @@ #ifdef LTC_F8_MODE /** - Get the current initial vector - @param IV [out] The destination of the initial vector - @param len [in/out] The max size and resulting size of the initial vector + Get the current initialization vector + @param IV [out] The destination of the initialization vector + @param len [in/out] The max size and resulting size of the initialization vector @param f8 The F8 state @return CRYPT_OK if successful */ diff --git a/src/modes/f8/f8_setiv.c b/src/modes/f8/f8_setiv.c index b708e40..8f45a3f 100644 --- a/src/modes/f8/f8_setiv.c +++ b/src/modes/f8/f8_setiv.c @@ -16,8 +16,8 @@ #ifdef LTC_F8_MODE /** - Set an initial vector - @param IV The initial vector + Set an initialization vector + @param IV The initialization vector @param len The length of the vector (in octets) @param f8 The F8 state @return CRYPT_OK if successful diff --git a/src/modes/f8/f8_start.c b/src/modes/f8/f8_start.c index 6beb2de..6801702 100644 --- a/src/modes/f8/f8_start.c +++ b/src/modes/f8/f8_start.c @@ -19,7 +19,7 @@ /** Initialize an F8 context @param cipher The index of the cipher desired - @param IV The initial vector + @param IV The initialization vector @param key The secret key @param keylen The length of the secret key (octets) @param salt_key The salting key for the IV 
diff --git a/src/modes/ofb/ofb_getiv.c b/src/modes/ofb/ofb_getiv.c index 37c40a6..e6bc0ed 100644 --- a/src/modes/ofb/ofb_getiv.c +++ b/src/modes/ofb/ofb_getiv.c @@ -16,9 +16,9 @@ #ifdef LTC_OFB_MODE /** - Get the current initial vector - @param IV [out] The destination of the initial vector - @param len [in/out] The max size and resulting size of the initial vector + Get the current initialization vector + @param IV [out] The destination of the initialization vector + @param len [in/out] The max size and resulting size of the initialization vector @param ofb The OFB state @return CRYPT_OK if successful */ diff --git a/src/modes/ofb/ofb_setiv.c b/src/modes/ofb/ofb_setiv.c index 692525b..005dbc7 100644 --- a/src/modes/ofb/ofb_setiv.c +++ b/src/modes/ofb/ofb_setiv.c @@ -16,8 +16,8 @@ #ifdef LTC_OFB_MODE /** - Set an initial vector - @param IV The initial vector + Set an initialization vector + @param IV The initialization vector @param len The length of the vector (in octets) @param ofb The OFB state @return CRYPT_OK if successful diff --git a/src/modes/ofb/ofb_start.c b/src/modes/ofb/ofb_start.c index d981d57..fe7a764 100644 --- a/src/modes/ofb/ofb_start.c +++ b/src/modes/ofb/ofb_start.c @@ -19,7 +19,7 @@ /** Initialize a OFB context @param cipher The index of the cipher desired - @param IV The initial vector + @param IV The initialization vector @param key The secret key @param keylen The length of the secret key (octets) @param num_rounds Number of rounds in the cipher desired (0 for default)
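Review bot: The changed CTR Mode sentence in the doc/crypt.tex hunk at @@ -799 now reads "Given a initialization vector which is", and the article no longer agrees with the noun. Change it to "Given an initialization vector which is treated as a large binary counter".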
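Review bot: The changed sentence in the doc/crypt.tex hunk at @@ -1786 now uses a second name for one input: the subsection is titled "Nonce Vector" and documents ccm_add_nonce(), but the sentence says "initialization vector". Use "nonce" in this sentence so the heading, the function name and the prose agree, or state once that the CCM nonce plays the role of the IV.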
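Review bot: Both changed lines in the doc/crypt.tex hunk at @@ -2202, the descriptions of chacha20poly1305_setiv and chacha20poly1305_setiv_rfc7905, still carry the typo "octects". Since the lines are rewritten here anyway, correct it to "octets" in the same change.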
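Review bot: The changed line in the doc/crypt.tex hunk at @@ -6163 reads "for ciphers and MACs as well initialization vectors as required", which is missing a word. Make it "as well as initialization vectors" while the line is being touched.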
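Review bot: In src/encauth/chachapoly/chacha20poly1305_memory.c the docblock whose @param lines are edited still opens with the unchanged context line "Process an entire GCM packet in one call.", which looks copied from gcm_memory.c. Fix the summary to name ChaCha20-Poly1305 in the same change, so the generated API documentation does not describe this function as GCM.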
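Review bot: The renamed comment in src/mac/hmac/hmac_init.c does not match the code under it: the loop `buf[i] = hmac->key[i] ^ 0x36;` builds the key XORed with the HMAC inner pad, which is not an initialization vector in the cipher-mode sense used by every other file in this patch. Leave this comment out of the mechanical rename and reword it, for example "Create the inner padded key (key XOR 0x36) for step (3)", so readers do not go looking for an IV parameter in HMAC.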