gnu.javax.crypto.prng
Class ICMGenerator
- Cloneable, IRandom
Counter Mode is a way to define a pseudorandom keystream generator using a
block cipher. The keystream can be used for additive encryption, key
derivation, or any other application requiring pseudorandom data.
In ICM, the keystream is logically broken into segments. Each segment is
identified with a segment index, and the segments have equal lengths. This
segmentation makes ICM especially appropriate for securing packet-based
protocols.
This implementation adheres to the definition of the ICM keystream generation
function that allows for any symmetric key block cipher algorithm
(initialisation parameter gnu.crypto.prng.icm.cipher.name, taken to be an
instance of String) to be used. If such a parameter is not defined/included
in the initialisation Map, then the "Rijndael" algorithm is used.
Furthermore, if the initialisation parameter gnu.crypto.cipher.block.size
(taken to be an instance of Integer) is missing or undefined in the
initialisation Map, then the cipher's default block size is used.
The practical limits and constraints of such a generator are:
- The number of blocks in any segment MUST NOT exceed
  256 ** BLOCK_INDEX_LENGTH. The number of segments MUST NOT exceed
  256 ** SEGMENT_INDEX_LENGTH. These restrictions ensure the uniqueness of
  each block cipher input.
- Each segment contains SEGMENT_LENGTH octets; this value MUST NOT exceed
  the value (256 ** BLOCK_INDEX_LENGTH) * BLOCK_LENGTH.
- The sum of SEGMENT_INDEX_LENGTH and BLOCK_INDEX_LENGTH MUST NOT exceed
  BLOCK_LENGTH / 2. This requirement protects the ICM keystream generator
  from potentially failing to be pseudorandom.
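The limits above, checked in plain Java. This is an added example, not code from GNU Classpath; the class and method names are hypothetical, the offset is a constructed value, and the counter layout in cipherInput is an assumption taken from the ICM definition rather than from this page.

```java
import java.math.BigInteger;

// Added example: plain Java, no GNU Classpath dependency. All names are hypothetical.
public class IcmLimits {
    static final BigInteger B256 = BigInteger.valueOf(256);

    // Returns null when the documented constraints hold, else the first violation.
    static String check(int blockLen, int blockIdxLen, int segIdxLen,
                        BigInteger segmentLen, BigInteger segments) {
        BigInteger maxBlocks = B256.pow(blockIdxLen);
        BigInteger maxSegments = B256.pow(segIdxLen);
        if (segIdxLen + blockIdxLen > blockLen / 2)
            return "SEGMENT_INDEX_LENGTH + BLOCK_INDEX_LENGTH exceeds BLOCK_LENGTH / 2";
        if (segments.compareTo(maxSegments) > 0)
            return "more than 256 ** SEGMENT_INDEX_LENGTH segments";
        if (segmentLen.compareTo(maxBlocks.multiply(BigInteger.valueOf(blockLen))) > 0)
            return "SEGMENT_LENGTH exceeds (256 ** BLOCK_INDEX_LENGTH) * BLOCK_LENGTH";
        return null;
    }

    // Assumed counter layout (from the ICM definition, not stated on this page):
    // input = (offset + segment * 256**BLOCK_INDEX_LENGTH + block) mod 256**BLOCK_LENGTH
    static BigInteger cipherInput(BigInteger offset, long segment, long block,
                                  int blockLen, int blockIdxLen) {
        return offset.add(BigInteger.valueOf(segment).multiply(B256.pow(blockIdxLen)))
                     .add(BigInteger.valueOf(block))
                     .mod(B256.pow(blockLen));
    }

    public static void main(String[] args) {
        // 16-octet block, 2-octet block index, 4-octet segment index: within limits.
        System.out.println(check(16, 2, 4, BigInteger.valueOf(1500), BigInteger.valueOf(1000)));
        // 6 + 4 = 10 octets of index exceeds 16 / 2 = 8, so this is rejected.
        System.out.println(check(16, 4, 6, BigInteger.valueOf(1500), BigInteger.valueOf(1000)));

        // Constructed offset. Block 65536 of segment 7 is one past the limit of
        // 256 ** 2 blocks and yields the same cipher input as block 0 of segment 8,
        // so the two segments would share keystream.
        BigInteger offset = new BigInteger("00112233445566778899aabbccddeeff", 16);
        BigInteger a = cipherInput(offset, 7, 65536, 16, 2);
        BigInteger b = cipherInput(offset, 8, 0, 16, 2);
        System.out.println(a.equals(b));
    }
}
```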
NOTE: Rijndael is used as the default symmetric key block cipher
algorithm because, with its default block and key sizes, it is the AES. Yet
being Rijndael, the algorithm offers more versatile block and key sizes which
may prove to be useful for generating
longer key streams.
References:
- Integer Counter Mode, David A. McGrew.
addRandomByte, addRandomBytes, addRandomBytes, clone, fillBlock, init, isInitialised, name, nextByte, nextBytes, nextBytes, setup
clone, equals, getClass, finalize, hashCode, notify, notifyAll, toString, wait, wait, wait
BLOCK_INDEX_LENGTH
public static final String BLOCK_INDEX_LENGTH
Property name of ICM's block index length.
- "gnu.crypto.prng.icm.block.index.length"
CIPHER
public static final String CIPHER
Property name of underlying block cipher for this ICM generator.
- "gnu.crypto.prng.icm.cipher.name"
OFFSET
public static final String OFFSET
Property name of ICM's offset.
- "gnu.crypto.prng.icm.offset"
SEGMENT_INDEX
public static final String SEGMENT_INDEX
Property name of ICM's segment index.
- "gnu.crypto.prng.icm.segment.index"
SEGMENT_INDEX_LENGTH
public static final String SEGMENT_INDEX_LENGTH
Property name of ICM's segment index length.
- "gnu.crypto.prng.icm.segment.index.length"
ICMGenerator
public ICMGenerator()
Trivial 0-arguments constructor.
ICMGenerator.java --
Copyright (C) 2001, 2002, 2006 Free Software Foundation, Inc.
This file is a part of GNU Classpath.
GNU Classpath is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or (at
your option) any later version.
GNU Classpath is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with GNU Classpath; if not, write to the Free Software
Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301
USA
Linking this library statically or dynamically with other modules is
making a combined work based on this library. Thus, the terms and
conditions of the GNU General Public License cover the whole
combination.
As a special exception, the copyright holders of this library give you
permission to link this library with independent modules to produce an
executable, regardless of the license terms of these independent
modules, and to copy and distribute the resulting executable under
terms of your choice, provided that you also meet, for each linked
independent module, the terms and conditions of the license of that
module. An independent module is a module which is not derived from
or based on this library. If you modify this library, you may extend
this exception to your version of the library, but you are not
obligated to do so. If you do not wish to do so, delete this
exception statement from your version.