Libcrypt examples?

Werner Koch wk at gnupg.org
Thu Oct 16 11:54:10 CEST 2014


On Wed, 15 Oct 2014 23:45, rfg at tristatelogic.com said:

> detailed, 134 page (PDF) manual for the library, and yet prospective
> users of the library, such as myself, cannot find even a single modest,
> real-world example of how to use the bloody thing.

IIRC, it has already been quoted from the introduction:

  The reader is assumed to possess basic knowledge about applied
  cryptography.

That is really important and it means that the reader knows what an IV
is, what an encryption mode is and which one first which purpose,why
padding is required, and so on.  Well, maybe this is a bit more than
“basic knowledge” but for us crypto plumbers this is basic.

> OK.  Swell.  Ignoring, for the moment, the personal condescension
> implicit in your comments, and accepting your premise that I should
> be using some ``higher level'' library, the question remains:  Which
> one?

I would suggest GPGME.  However, there is a lot of extra baggage which
comes with that, for example you need to install GnuPG proper, because
GPGME makes use of it.

Thus for your goal, direct use of Libgcrypt might me right.  However,
before you can use it you need to answer seeveral design questions.  For
example:

 - From where do I take the key?
 - Do I need to derive the key from Passphrase.
 - Which cipher mode to use.
 - Where do I store extra data like an IV
 - Do I need padding.
 - Do I need authenticated encryption?
 
To answer this it would be best to first describe the thread model.
However, there are some standard solutions which may fit for you.  There
are good books which describe how to come up with a good solution.  For
example

@Book{Fer:03:PC,
  author =      "Niels Ferguson and Bruce Schneier",
  title =       "Practical Cryptography",
  language =    "USenglish",
  edition =     "first",
  publisher =   pub-WIL,
  address =     pub-WIL:adr,
  pages =       "xx + 410",
  year =        "2003",
  ISBN =        "0-471-22357-3",
  URL =         "http://www.macfergus.com/pc/"
}

> P.S.  I'm still looking for the "examples at the end of the manual"
> which were explicitly promised in Section 1.1 ("Getting Started")
> of the Libcrypt manual.

Thanks for the hint; it is probably missing.  We should fix the manual
in some way.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.




More information about the Gnupg-users mailing list