Tk Library Source Code

View Ticket
Login
Ticket UUID: 1267178
Title: Aes module for tcllib
Type: RFE Version: None
Submitter: fattobi Created on: 2005-08-23 14:56:58
Subsystem: tcllib: request for new module Assigned To: patthoyts
Priority: 8 Severity:
Status: Closed Last Modified: 2005-08-31 18:18:34
Resolution: Closed By: patthoyts
    Closed on: 2005-08-31 11:18:34
Description:
Hi,

I've written a Tcl-Implementation of the Advanced
Encryption Standard (AES) for my so-called "individual
project" at university and thought it might be usefull
for the tcllib.

Since it's my first (real) program in Tcl, it may not
be perfect, but I would be glad, if it would be
considered helpful in some way.

I've added a small manpage (in doctools format) and
test-suite, but I'm not sure if I did it the way it is
desired. So tell me if something is missing or can be
improved.

Thorsten
User Comments: patthoyts added on 2005-08-31 18:18:34:
Logged In: YES 
user_id=202636

Imported into CVS so that we can properly maintain the
history of this code. I will try and fix the programming
interface before we release the next version of tcllib.
Fixing the API should also make supporting CBC mode simpler.
New module: aes

fattobi added on 2005-08-28 16:25:04:
Logged In: YES 
user_id=1333726

Thanks for the quick response and performance improvements.

At the moment, there is no chaining of blocks implemented,
just one block gets en-/decrypted.
I will work on the API, but don't expect it done too soon.

Thanks for your help,

Thorsten

patthoyts added on 2005-08-28 07:50:39:

File Added - 147217: aes.tcl

patthoyts added on 2005-08-28 07:50:37:
Logged In: YES 
user_id=202636

This looks pretty good. First some performance comments
- All [expr] expressions should be braced - [expr {....}]
- Avoid excessive [expr] eg: if {[expr ...]} is better
written if {(...)}
- You can copy arrays quickly using [array set tempState
[array get state]]
- The inverse sbox function is twice as fast if we use a
table lookup.

by making the above changed changes can speed the encryption
from about 26000ms per iteration to around 8000ms per iteration.

Second I would think the programming API should be closer to
that used for rc4 and blowfish in tcllib. I would rather see
an aes::encrypt and aes::decrypt pair - but more importantly
I think we should be able to do:
 set key [aes::Init $secret cbc]
 while {receiving data} {Output [aes::Encrypt $key $data]}
 aes::Finish $key
in other words maintain all state in a opaque token that is
created by Init and cleaned up by Finish and permit calling
Encrypt or Decrypt multiple times. This fits well with use
with network channels where we want to use the
Encrypt/Decrypt call in the fileevent body on chunks of data
read from the stream.

It is also important that we can do ECB and CBC mode
encryption - it's not specified anywhere what mode is being
done here and I've not tried to work it out yet.

Attaching my performance enhanced version.

Nice job though. :)

fattobi added on 2005-08-23 21:57:02:

File Added - 146685: aes_module.tar.gz

Attachments: