From 5677d94e6aa22c657f8440d6dc4beb38f28509e8 Mon Sep 17 00:00:00 2001 From: Leonetienne Date: Sun, 22 May 2022 20:13:41 +0200 Subject: [PATCH] Improved security --- GCryptLib/include/GCrypt/Config.h | 2 +- GCryptLib/include/GCrypt/GCipher.h | 3 +++ GCryptLib/src/Feistel.cpp | 15 +++++++-------- GCryptLib/src/GCipher.cpp | 6 ++++++ GCryptLib/src/GHash.cpp | 7 +++++-- 5 files changed, 22 insertions(+), 11 deletions(-) diff --git a/GCryptLib/include/GCrypt/Config.h b/GCryptLib/include/GCrypt/Config.h index c5ec236..dd56656 100644 --- a/GCryptLib/include/GCrypt/Config.h +++ b/GCryptLib/include/GCrypt/Config.h @@ -8,7 +8,7 @@ namespace Leonetienne::GCrypt { constexpr std::size_t BLOCK_SIZE = 512; // MUST BE > 2 - constexpr std::size_t N_ROUNDS = 64; + constexpr std::size_t N_ROUNDS = 400; } #endif diff --git a/GCryptLib/include/GCrypt/GCipher.h b/GCryptLib/include/GCrypt/GCipher.h index f17a277..6050233 100644 --- a/GCryptLib/include/GCrypt/GCipher.h +++ b/GCryptLib/include/GCrypt/GCipher.h @@ -25,6 +25,9 @@ namespace Leonetienne::GCrypt { //! Will digest a data block, and return it Block Digest(const Block& input); + //! Will update the base key used + void SetKey(const Key& key); + void operator=(const GCipher& other); private: diff --git a/GCryptLib/src/Feistel.cpp b/GCryptLib/src/Feistel.cpp index ce69306..9ac75da 100644 --- a/GCryptLib/src/Feistel.cpp +++ b/GCryptLib/src/Feistel.cpp @@ -54,12 +54,13 @@ namespace Leonetienne::GCrypt { // Block has finished de*ciphering. // Let's generate a new set of round keys. - GenerateRoundKeys((Block)roundKeys.back()); + GenerateRoundKeys((Key)roundKeys.back()); return FeistelCombine(r, l); } Halfblock Feistel::F(Halfblock m, const Key& key) { + // Made-up F function // Expand to full bitwidth 
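Review bot: Raising N_ROUNDS from 64 to 400 in Config.h changes the output of every GCipher and GHash computation, so anything enciphered or hashed by an earlier build can no longer be deciphered or verified, and the header says nothing about that. The only comment on the constant is the retained `// MUST BE > 2`; I would add `// Changing N_ROUNDS changes all cipher output and every hash value: treat it as a format-breaking change.` Each round also builds a std::stringstream and substrings the whole block inside Feistel::F (visible in the Feistel.cpp hunks), so the roughly 6x round increase multiplies per-block cost by about the same factor; a measured number in the commit message would help justify the chosen value.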
@@ -74,15 +75,13 @@ namespace Leonetienne::GCrypt { // Non-linearly apply subsitution boxes std::stringstream ss; const std::string m_str = m_expanded.to_string(); - for (std::size_t i = 0; i < BLOCK_SIZE; i += 4) { ss << SBox(m_str.substr(i, 4)); } - m_expanded = Block(ss.str()); - // Return the compressed version - return CompressionFunction(m_expanded); + // Return the compressed version, shifted by 3 + return Shiftl(CompressionFunction(m_expanded), 3); } std::pair Feistel::FeistelSplit(const Block& block) { @@ -124,13 +123,13 @@ namespace Leonetienne::GCrypt { std::unordered_map compressionMap; compressionMap["0000"] = "10"; compressionMap["0001"] = "01"; - compressionMap["0010"] = "10"; + compressionMap["0010"] = "11"; compressionMap["0011"] = "10"; compressionMap["0100"] = "11"; compressionMap["0101"] = "01"; compressionMap["0110"] = "00"; - compressionMap["0111"] = "11"; - compressionMap["1000"] = "01"; + compressionMap["0111"] = "01"; + compressionMap["1000"] = "11"; compressionMap["1001"] = "00"; compressionMap["1010"] = "11"; compressionMap["1011"] = "00"; diff --git a/GCryptLib/src/GCipher.cpp b/GCryptLib/src/GCipher.cpp index 785d851..3a2883f 100644 --- a/GCryptLib/src/GCipher.cpp +++ b/GCryptLib/src/GCipher.cpp @@ -51,6 +51,12 @@ namespace Leonetienne::GCrypt { throw std::runtime_error("Unreachable branch reached."); } + void GCipher::SetKey(const Key& key) { + feistel.SetKey(key); + + return; + } + void GCipher::operator=(const GCipher& other) { direction = other.direction; feistel = other.feistel; diff --git a/GCryptLib/src/GHash.cpp b/GCryptLib/src/GHash.cpp index dec8f6c..5ea48fa 100644 --- a/GCryptLib/src/GHash.cpp +++ b/GCryptLib/src/GHash.cpp 
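Review bot: The new `return Shiftl(CompressionFunction(m_expanded), 3);` at the end of Feistel::F returns a shifted copy of the compressed halfblock, and if Shiftl is a logical left shift rather than a rotation the three lowest bits of every F output are always zero, so those bit positions of the other half are only ever swapped by the Feistel structure and never mixed by any round. Whether Shiftl rotates or shifts is not visible here, so please confirm; a rotation keeps every bit. The comment `// Return the compressed version, shifted by 3` only restates the code and should say what the shift is meant to achieve. Feistel::F begins outside this hunk.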
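Review bot: The three rewritten compressionMap entries (`"0010"`, `"0111"`, `"1000"`) carry no comment explaining the criterion that chose the new 2-bit outputs, so a reader cannot tell whether the table is meant to be balanced or which property the old values violated; a one-line comment above the table naming that criterion would make the change reviewable. The table is also a plain local `std::unordered_map compressionMap;` filled with one string insertion per 4-bit pattern on every call, and with N_ROUNDS now 400 that runs for every 4-bit chunk of every round; declaring it `static const` with an initializer list (or a `constexpr std::array` indexed by the chunk value) builds it once. The enclosing function starts and ends outside the hunk.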
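Review bot: GCipher::SetKey forwards to `feistel.SetKey(key)`, but neither the implementation nor the new header comment `//! Will update the base key used` says whether the Feistel round keys are regenerated at that point or only on a later Digest, and GHash now relies on the new key being in effect for the very next Digest call. Please state that in the GCipher.h comment, e.g. `//! Replaces the base key; round keys are regenerated so the next Digest() uses it.` if that is what Feistel::SetKey does. The trailing `return;` in a void function is noise and can be dropped. This covers the GCipher.h hunk as well.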
@@ -7,8 +7,8 @@ namespace Leonetienne::GCrypt { GHash::GHash() : // Initialize our cipher with a static, but randomly distributed key. cipher( - // Can't use Key::FromPassword here, because it depends on GHash. - // Instead use a hardcoded key. + // The key really does not matter, as it gets changed + // each time before digesting anything. Key(StringToBitblock("nsoCZfvdqpRkeVTt9wzvPR3TT26peOW9E2kTHh3pdPCq2M7BpskvUljJHSrobUTI")), GCipher::DIRECTION::ENCIPHER ) { @@ -18,6 +18,9 @@ namespace Leonetienne::GCrypt { } void GHash::DigestBlock(const Block& data) { + // Set the cipher key to the current data to be hashed + cipher.SetKey(Key(data)); + // Encipher the current block, and xor it on the current hashsum block ^= cipher.Digest(data); return;
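Review bot: In GHash::DigestBlock the chaining value `block` is never fed into the cipher — the cipher is keyed with `Key(data)` and then enciphers `data` itself — so unless GCipher::Digest keeps state across calls (not visible here), each block contributes a value that depends only on that block, and XOR-accumulating such values makes the hash independent of block order and cancels any block that appears twice. The standard way to build a compression function from a block cipher (Davies–Meyer) keys the cipher with the message block and enciphers the current state: keep `cipher.SetKey(Key(data));` and change the next line to `block ^= cipher.Digest(block);`. The new comment should then describe that chaining rather than only saying the key is set to the data.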