This module exports ciphers supported by nettle: http://www.lysator.liu.se/~nisse/nettle/
- data AES
- data AES128
- data AES192
- data AES256
- data ARCTWO
- arctwoInitEKB :: Key ARCTWO -> Word -> ARCTWO
- arctwoInitGutmann :: Key ARCTWO -> ARCTWO
- data BLOWFISH
- data Camellia
- data Camellia128
- data Camellia192
- data Camellia256
- data CAST128
- data DES
- data DES_EDE3
- data TWOFISH
- data SERPENT
- class StreamCipher cipher => StreamNonceCipher cipher where
- streamSetNonceWord64 :: StreamNonceCipher cipher => cipher -> Word64 -> Maybe cipher
- data ARCFOUR
- data SALSA20
- data ESTREAM_SALSA20
Only block ciphers with a 128-bit
blockSize (16 bytes) support the XTS cipher mode.
ARCTWO (also known as the trade marked name RC2) is a block cipher specified in RFC 2268.
Initialize cipher with an explicit
ekb value (valid values from 1 to 1024, 0 meaning the same as 1024).
Camellia is a block cipher developed by Mitsubishi and Nippon Telegraph and Telephone Corporation, described in RFC3713, and recommended by some Japanese and European authorities as an alternative to AES. The algorithm is patented (details see http://www.lysator.liu.se/~nisse/nettle/nettle.html).
The key is given as 8 bytes, as one bit per byte is used as a parity bit. The parity bit is ignored by this implementation.
TWOFISH is another AES finalist, designed by Bruce Schneier and others.
SERPENT is one of the AES finalists, designed by Ross Anderson, Eli Biham and Lars Knudsen.
blockSize is 128 bits (16 bytes), and the valid key sizes are from 128 bits to 256 bits (16 to 32 bytes),
although smaller bits are just padded with zeroes.
StreamNonceCipher are special stream ciphers that can encrypt many messages with the same key;
setting a nonce restarts the cipher.
A good value for the nonce is a message/packet counter. Usually a nonce should not be reused with the same key.
Word64 as 8-byte nonce (bigendian encoded)
ARCFOUR is a stream cipher, also known under the trade marked name RC4.
Valid key sizes are from 1 to 256 bytes.
SALSA20 is a fairly recent stream cipher designed by D. J. Bernstein.
Valid key sizes are 128 and 256 bits (16 and 32 bytes).
Salsa20 uses a blocksize of 64 bytes internally; if crpyted input isn't aligned to 64 bytes it will pad it with 0 and store the encrypted padding to xor with future input data.
Each message also requires a 8-byte (
Word64) nonce (which is initialized to 0; you can use a message sequence number).
Don't reuse a nonce with the same key.
Setting a nonce also resets the remaining padding data.