Some Haskell code demonstrating how to initialize random number generators (equivalently, stream ciphers) with a string (and salt). The main point of these demonstrations is to list which modules one needs to import and to show how to hook things together.
aes-ctr-demo.hs generates a stream of random bytes using AES-256 in counter mode (CTR). (This implements option 2 among this enumeration of ways to do counter mode.) Without arguments, it uses the scrypt key derivation function to convert the password and salt to a 256-bit AES key. It also demonstrates two alternatives to scrypt: a SHA-512 instance of PBKDF2, and straight unsalted SHA-256 used as a key derivation function (the latter is a cryptographically terrible idea because it is relatively easy to mount a dictionary attack against it compared to real KDFs).
mwc-demo.hs demonstrates seeding the non-cryptographic MWC random number generator with 258 words generated with PBKDF2.
tf-demo.hs demonstrates seeding the TF (ThreeFish) random number generator with a 4-tuple of Word64 generated with PBKDF2.
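As an added illustration (not the code from aes-ctr-demo.hs), the sketch below wires the three key derivation choices described above into an AES-256 CTR keystream. It assumes the cryptonite and memory packages, which may differ from the modules the original demos import; the password, salts, cost parameters and the all-zero initial counter are constructed values chosen for the example.

```haskell
{-# LANGUAGE OverloadedStrings #-}
-- Added example: assumes the cryptonite and memory packages.
module Main (main) where

import           Crypto.Cipher.AES       (AES256)
import           Crypto.Cipher.Types     (cipherInit, ctrCombine, nullIV)
import           Crypto.Error            (throwCryptoError)
import           Crypto.Hash             (SHA256 (..), hashWith)
import qualified Crypto.KDF.PBKDF2       as PBKDF2
import qualified Crypto.KDF.Scrypt       as Scrypt
import           Data.ByteArray          (convert)
import           Data.ByteArray.Encoding (Base (Base16), convertToBase)
import           Data.ByteString         (ByteString)
import qualified Data.ByteString         as B
import qualified Data.ByteString.Char8   as C

-- password -> salt -> 32-byte AES-256 key
type KDF = ByteString -> ByteString -> ByteString

-- Memory-hard KDF; cost parameters are illustrative, not a recommendation.
scryptKey :: KDF
scryptKey = Scrypt.generate Scrypt.Parameters
  { Scrypt.n = 16384, Scrypt.r = 8, Scrypt.p = 1, Scrypt.outputLength = 32 }

-- PBKDF2 with HMAC-SHA-512; iteration count is illustrative.
pbkdf2Key :: KDF
pbkdf2Key = PBKDF2.fastPBKDF2_SHA512 PBKDF2.Parameters
  { PBKDF2.iterCounts = 100000, PBKDF2.outputLength = 32 }

-- The weak option: one unsalted hash, so the salt is ignored entirely.
sha256Key :: KDF
sha256Key password _salt = convert (hashWith SHA256 password)

-- CTR keystream: encrypt zero bytes, counter starting at zero (assumption).
keystream :: ByteString -> Int -> ByteString
keystream key len = ctrCombine cipher nullIV (B.replicate len 0)
  where cipher = throwCryptoError (cipherInit key) :: AES256

main :: IO ()
main = mapM_ demo
  [("scrypt", scryptKey), ("pbkdf2-sha512", pbkdf2Key), ("sha256", sha256Key)]
  where
    demo :: (ByteString, KDF) -> IO ()
    demo (name, kdf) = do
      -- First 16 keystream bytes for one password under two salts.
      let hex salt = convertToBase Base16 (keystream (kdf "hunter2" salt) 16)
      C.putStrLn (C.unwords [name, hex "salt-A", hex "salt-B"])
```

The sha256 row prints the same bytes for both salts, which is what lets a single precomputed dictionary cover every user of that scheme; the scrypt and PBKDF2 rows differ per salt.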
Alternate Source code directory
Disclaimer: I have paid no attention to whether these demonstrations are vulnerable to side-channel attacks. They almost certainly are vulnerable.