Closed Bug 467372 Opened 17 years ago Closed 2 years ago

Implement SOBER-128 Encryption Algorithm

Categories

(NSS :: Libraries, enhancement, P5)

Product:
NSS
Component:
Libraries
Type:
enhancement

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: KaiE, Unassigned)

Details

There is a desire to have the SOBER-128 Encryption Algorithm available in NSS. Requested in https://bugzilla.redhat.com/show_bug.cgi?id=462014 See http://en.wikipedia.org/wiki/SOBER-128 for information about SOBER-128
As a general rule, we only accept implementations of ciphers in NSS when all the following are true: - Those ciphers have been publicly published, - The PKCS#11 API specification standard has been updated, or a draft modification for it has been accepted by the PKCS#11 "cryptoki" working group, that defines all the "mechanisms" (and object types, if applicable) needed to implement it, - (if applicable) Algorithm Identifier OID(s) have been published for it - It's use in some standard protocol implemented in NSS (such as new TLS cipher suites or CMS OIDs) has been specified in an RFC. - Any patent concerns have been resolved. Are those conditions now met for this new cipher? To be accepted, contributed implementations of ciphers must include: - the cipher algorithm in Freebl - the implementation of the PKCS#11 mechanisms and object types defined for it, - Modifications to the pk11wrap layer required to understand and work with the new mechanisms, - Modifications to lib/util to understand any new Algorithm IDentifier OIDs - Modifications to lib/ssl and/or lib/smime to implement the new SSL cipher suites and/or use of the new algorithm in CMS - Modifications to test programs for freebl (blapitest), SSL and/or CMS have been made, - Modifications to NSS's QA Acceptance test scripts to run the new tests (both blapitest and SSL and/or CMS tests). - All patches must be in the form of a CVS unified diff (or set of CVS unified diffs) that apply cleanly to the NSS trunk with the patch command. When the above conditions are met and a CVS patch that meets those requirements is ready, please let us know.
Here's the spec. http://www.qualcomm.com.au/PublicationsDocs/SOBER-128-v2.pdf I'd like to make this one a sample of how to implement a separately loaded crypto module rather than adding this to base softoken. This is particularly true since there is no need to use SSL with this cipher. In any case I don't think this would make a NSS 3.12 softoken. Also, SOBER-128 MAC has been broken and should not be part of this implementation. bob
Severity: normal → S3
Severity: S3 → N/A
Status: NEW → RESOLVED
Closed: 2 years ago
Priority: -- → P5
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.