Introduction:
I'm glad to present you my Extended Cryptography module for G2O (v0.1.0). Some included functions came from my university archive, some were rewritten, while remaining lie in the public domain. Inspired by SSL/TLS protocol, the main purpose is to secure transmission between server and client (while using Packets) with symmetric-key AES cryptographic algorithm, exchanging keys secretly by Diffie-Hellman Protocol (or ECDH) and with asymmetric, public key cryptographic RSA algorithm. Module does not provide absolute implementation of these algorithms (except AES) but contains components required to build them on script side. It provides some math elements, which are essential when it comes to coping with cryptography.
Included in module:
- Advanced Encryption Standard (AES) with 256-bit length key and different chaining modes,
- Big number handling in functions listed below,
- Calculating greatest common divisor (gcd),
- Calculating modular (multiplicative) inverse,
- Calculating fast power modulo,
- Calculating Euler phi (totient) function value,
- Determining if a number is quadratic residue modulo prime,
- Shanks-Tonelli algorithm used to solve quadratic congruence.
Advanced Encryption Standard
Key length: 256 bits (32 bytes)
Included chaining modes:
a) Electronic Codebook (ECB)
b) Cipher Block Chaining (CBC)
c) Propagating Cipher Block Chaining (PCBC)
d) Cipher Feedback 128 (CFB)
e) Output Feedback (OFB)
f) Counter (CTR)
Padding mode: ISO/IEC 7816-4, which means setting the first unused byte to 0x80 and all the following ones to 0, just to match multiple of 16 bytes in total length (because AES works on 16 bytes blocks). Padding is removed while decrypting thus it's not so important for user. This padding mode has been choosen since it's recommended by the NIST Special Publication 800-38A, 2001 Edition, "Recommendation for Block Cipher Modes of Operation".
Functions:
Code:
string AES256_Encrypt(string plaintext, string key, string IV, string chaining_mode);
string AES256_Decrypt(string ciphertext, string key, string IV, string chaining_mode);
IV - Initialization vector, must by 16 bytes or it can by "" while using ECB chaining_mode, which doesn't use IV.
Key requires to containt at least 32 bytes of data.
#4 argument - chaining_mode is optional, CBC is used as default.
Example usage:
Code:
//Encryption and decryption
local ciphertext = AES256_Encrypt("Extended Cryptography Module", "912345678900123456789001234567890ab", "aaaaaaaaaaaaaaaa", "CTR");
AES256_Decrypt(ciphertext, "912345678900123456789001234567890ab", "aaaaaaaaaaaaaaaa", "CTR");
//Using ECB with no IV
AES256_Encrypt("Extended Cryptography Module", "912345678900123456789001234567890ab", "", "ECB");
//Using default chaining_mode
AES256_Encrypt("Extended Cryptography Module", "912345678900123456789001234567890ab", "aaaaaaaaaaaaaaaa");
Initialization vector must be provided along key to receive plaintext while performing decryption.
I recommend using sha256 hash function to match key length, as it returns 32-bytes length string.
sha256 parameter could be obtained by Diffie-Hellman Protocol (or ECDH), possibly mixed with Shamir Protocol.
Components for cryptographic problems based on prime decomposition or discrete logarithm
All functions listed below require passing integers as strings, e.g. "123456", "313151626", due to using BigInteger data type. Returned values are also strings.
Many cryptography algorithms make sense only while using respectively large keys thus no low-bounded data types are incorrect in such purpose.
Functions:
Code:
//Calculates Greatest Common Divisor of a and b
string gcd(string a, string b);
//Calculates modular (multiplicative) inverse of a in Z_mod muplicative group
string modInverse(string a, string mod);
//Calculates a^n (mod m) with fast algorithm
string modFastPower(string a, string n, string m);
//Calculates Euler phi (totient) function value for N = p*q, p,q - primes
string EulerPhi(string p, string q);
//Determines if a is quadratic residue modulo p (prime),
bool isQuadraticResidue(string a, string p);
//Calculates solution of quadratic congruence, p is prime
string ShanksTonelli(string a, string p);
Note that when gcd(a, b) = 1, then a is relatively prime with b (coprime).
While using Shanks-Tonelli algorithm, use caution to provide required prime number. Otherwise, function will return NULL.
isQuadraticResidue calculates Legendre symbol (checks Euler criterion). This function is also contained in ShanksTonelli algorithm thus it's not required to use it before.
Diffie-Hellman key exchange example
> Establishing g, p in multiplicative group modulo p (prime), where g is primitive root modulo p.
> Server picks s integer, client picks c integer, both kept in secret.
> Server calculates S = g^s (mod p) and sends to the client.
> Client calculates C = g^c (mod p) and sends to the server.
> Client calculates X = S^c (mod p), Server calculates Y = C^s (mod p).
> Since X = S^c (mod p) = (g^s)^c (mod p) = g^(cs) (mod p) and Y = C^s (mod p) = (g^c)^s (mod p) = g^(cs) (mod p), server and client are sharing a secret without transmitting it.
All calculations can be done with included modFastPower function.
D-H Protocol needs large prime value to provide respective level of security.
RSA encryption/decryption might be also performed with included functions with some additional scripts.
Development direction:
- Elliptic curve cryptography e.g. elliptic curve version of Diffie-Hellman - ECDH,
- Lattice-based cryptography (awareness of quantum Shor's Algorithm),
- Signature schemes,
- RSA and D-H (ECDH) script side additions.
Installation guide:
As module is supposed to work on both server/client side:
Adding to config.xml file:
Windows:
Code:
<module src="ExtCrypto.dll" type="server" />
<module src="ExtCrypto.dll" type="client" />
Linux:
Code:
<module src="ExtCrypto.so" type="server" />
<module src="ExtCrypto.so" type="client" />
Due to linker searching algorithm in Linux, it might be better to put ExtCrypto.so in main server directory and use:
Code:
<module src="./ExtCrypto.so" type="server" />
Download:
Windows version - ExtCrypto.dll
SHA256: 5b8976a9d8efa15dac86aa7291c74db7a5304f668c61e321d291f9c88bf94dd8
Linux version - ExtCrypto.so
SHA256: 0e2d3abc33636a74831835e32466c481e7f9e499422eda99386c46c490825570
P.S. Hope that sending a post will prevent automatic account deletion.