Crypto++ Explained

Crypto++ (also known as CryptoPP, libcrypto++, and libcryptopp) is a free and open-source C++ class library of cryptographic algorithms and schemes written by Wei Dai. Crypto++ has been widely used in academia, student projects, open-source, and non-commercial projects, as well as businesses.^[1] Released in 1995, the library fully supports 32-bit and 64-bit architectures for many major operating systems and platforms, including Android (using STLport), Apple (macOS and iOS), BSD, Cygwin, IBM AIX, Linux, MinGW, Solaris, Windows, Windows Phone and Windows RT. The project also supports compilation using C++03, C++11, C++14, and C++17 runtime libraries; and a variety of compilers and IDEs, including Borland Turbo C++, Borland C++ Builder, Clang, CodeWarrior Pro, GCC (including Apple's GCC), Intel C++ Compiler (ICC), Microsoft Visual C/C++, and Sun Studio.

Crypto++ 1.0 was released in June 1995, but the download is no longer available. The Crypto++ 1.0 release was withdrawn due to RSA Data Security, Inc asserting its patent over the RSA algorithm. All other versions of the library are available for download.^[2]

Algorithms

Crypto++ ordinarily provides complete cryptographic implementations and often includes less popular, less frequently-used schemes. For example, Camellia is an ISO/NESSIE/IETF-approved block cipher roughly equivalent to AES, and Whirlpool is an ISO/NESSIE/IETF-approved hash function roughly equivalent to SHA; both are included in the library.^{[3] [4]}

Additionally, the Crypto++ library sometimes makes proposed and bleeding-edge algorithms and implementations available for study by the cryptographic community. For example, VMAC, a universal hash-based message authentication code, was added to the library during its submission to the Internet Engineering Task Force (CFRG Working Group); and Brainpool curves, proposed in March 2009 as an Internet Draft in RFC 5639, were added to Crypto++ 5.6.0 in the same month.^{[5] [6]}

Crypto++ algorithms and implementations!Primitive or Operation !! Algorithms or Implementations

Pseudorandom number generators	LCG, KDF2, Blum Blum Shub, ANSI X9.17, Mersenne Twister, RDRAND and RDSEED
High speed stream ciphers	ChaCha8/12/20, ChaCha20 (IETF version), HC-128 and HC-256, Panama, Rabbit, Salsa20, SOSEMANUK, XSalsa20
AES and AES candidates	Rijndael (AES selection), RC6, MARS, Twofish, Serpent, CAST-256
Other block ciphers	ARIA, Blowfish, Camellia, CHAM, HIGHT, IDEA, Kalyna (128/256/512), LEA, RC5, Triple-DES (2- and 3-key), SEED, SHACAL-2, Simon (64/128), Speck (64/128), SIMECK, Skipjack, SM4, TEA, Threefish (256/512/1024), XTEA
Block cipher modes of operation	ECB, CBC, CTS, CFB, OFB, CTR, XTS
Authenticated encryption modes	CCM, GCM, EAX, ChaCha20Poly1305
Block ciphers padding schemes	PKCS#5, PKCS#7, Zeros, One and zeros, W3C Padding
Message authentication codes	VMAC, HMAC, CMAC, CBC-MAC, DMAC, Two-Track-MAC
Cryptographic hash function	BLAKE2 (BLAKE2b and BLAKE2s), Keccak, SHA-1, SHA-2 (SHA-224/256/384/512), SHA3, LSH (256/512), Tiger, WHIRLPOOL, RIPEMD (128/160/256/320)
Password based key derivation functions	PBKDF1 and PBKDF2 from PKCS #5, PBKDF from PKCS #12 appendix B, Krawczyk and Eronen's HKDF
Public-key cryptography	RSA, DSA, ElGamal, (NR), Rabin-Williams (RW), LUC, LUCELG, DLIES (variants of DHAES), ESIGN, curve25519
Padding schemes for public-key systems	PKCS#1 v2.0, OAEP, PSS, PSSR, IEEE P1363 EMSA2 and EMSA5
Key agreement schemes	Diffie–Hellman (DH), Unified Diffie–Hellman (DH2), Menezes–Qu–Vanstone (MQV), Hashed MQV (HMQV), Fully Hashed MQV (FHMQV), LUCDIF, XTR-DH, x25519
Elliptic-curve cryptography	ECDSA, ECNR, ECIES, ECDH, ECMQV, Ed25519
Secret sharing	Shamir's secret sharing scheme, Rabin's information dispersal algorithm (IDA)

The library also makes available primitives for number-theoretic operations such as fast multi-precision integers; prime number generation and verification; finite field arithmetic, including GF(p) and GF(2ⁿ); elliptical curves; and polynomial operations.

Furthermore, the library retains a collection of insecure or obsolescent algorithms for backward compatibility and historical value: MD2, MD4, MD5, Panama Hash, DES, ARC4, SEAL 3.0, WAKE, WAKE-OFB, DESX (DES-XEX3), RC2, SAFER, 3-WAY, GOST, SHARK, CAST-128, and Square.

Performance

In a 2007 ECRYPT workshop paper focusing on public key implementations of eight libraries, Ashraf Abusharekh and Kris Kaj found that "Crypto++ 5.1 [sic] leads in terms of support for cryptographic primitives and schemes, but is the slowest of all investigated libraries."^[7]

In 2008, speed tests carried out by Timo Bingmann using seven open-source security libraries with 15 block ciphers, Crypto++ 5.5.2 was the top-performing library under two block ciphers and did not rank below the average library performance under the remaining block ciphers.^[8]

Crypto++ also includes an auto-benchmarking feature, available from the command line (cryptest.exe b), the results of which are available at Crypto++ 5.6.0 Benchmarks.^[9]

As with many other cryptographic libraries available for 32-bit and 64-bit x86 architectures, Crypto++ includes assembly routines for AES using AES-NI. With AES-NI, AES performance improves dramatically: 128-bit AES-GCM throughput increases from approximately 28.0 cycles per byte to 3.5 cycles per byte.^{[10] [11] [12]}

Version releases

Crypto++ 1.0 was released in June 1995. Since its initial release, the library has seen nearly two dozen revisions, including an architectural change in version 5.0.^{[13] [14]} There have been ten releases using the version 5.0 architecture since March 2009.^[15]

Crypto++ releases since version 6.0! Version !! Released Date

Crypto++ 6.0.0	January 22, 2018
Crypto++ 6.1.0	February 22, 2018
Crypto++ 7.0.0	April 8, 2018
Crypto++ 8.0.0	December 28, 2018
Crypto++ 8.1.0	February 11, 2019
Crypto++ 8.2.0	April 28, 2019
Crypto++ 8.3.0	December 20, 2020
Crypto++ 8.4.0	January 2, 2021
Crypto++ 8.5.0	March 7, 2021
Crypto++ 8.6.0	September 24, 2021
Crypto++ 8.7.0	August 7, 2022
Crypto++ 8.8.0	June 25, 2023
Crypto++ 8.9.0	October 1, 2023

Lawrence Teo's compilation of previous Crypto++ releases dating back to 1995 can be found in the users group archives.^[16]

FIPS validations

Crypto++ has received three Federal Information Processing Standard (FIPS) 140-2 Level 1 module validations with no post-validation issues.^[17]

Notes and References

1. • J. Kelsey . B. Schneier . Bruce Schneier . D. Wagner . C. Hall . 1998 . Cryptanalytic Attacks on Pseudorandom Number Generators . https://web.archive.org/web/20141230032940/https://www.schneier.com/paper-prngs.pdf . 2014-12-30 . dead . Fast Software Encryption, 5th International Proceedings . 2010-08-10.
   • Web site: C. Adjih . D. Raffo . P. Mühlethaler . 2004 . OLSR: Distributed Key Management for Security . https://web.archive.org/web/20110721010610/http://www2.lifl.fr/SERAC/downloads/attacks-olsr-dkm.pdf . 2011-07-21 . dead . 2010-08-10.
   • X. Yinglian . M. K. Reiter . D. O'Hallaron . 2006 . Protecting Privacy in Key-Value Search Systems . Computer Security Applications Conference (ACSAC) . 2010-08-10.
   • Web site: T. Zidenberg . 2010 . Optimizing Crypto++ library for P4 . https://web.archive.org/web/20110721134907/http://softlab-pro-web.technion.ac.il/projects/cryptoppopt/html/projectBook.html . 2011-07-21 . dead . Technion, Israel Institute of Technology . 2010-08-10.
2. Web site: Crypto++ Downloads . Crypto++ Project . June 1995 . December 20, 2020.
3. Web site: Japan's First 128-bit Block Cipher 'Camellia' Approved as a New Standard Encryption Algorithm in the Internet . physorg.com . 2022-05-23.
4. Web site: Hartikainen . Arsi . Toivanen . Timo . Kiljunen . Herkko . 2005 . Whirlpool hashing function . Secure Communications, Seminar Presentation . Lappeenranta University of Technology . 2022-05-23.
5. Elliptic Curve Cryptography (ECC) Brainpool Standard Curves and Curve Generation .
6. Web site: Crypto++ Library 8.6 . Crypto++ Website . 2022-05-23.
7. Comparative Analysis of Software Libraries for Public Key Cryptography. ECRYPT Workshop on Software Performance Enhancement for Encryption and Decryption. 3–19. A. Abusharekh. K. Kaj. 2007. 2010-08-12. https://web.archive.org/web/20120227082043/http://ite.gmu.edu/~kgaj/publications/conferences/GMU_SPEED_2007.pdf. 2012-02-27. dead.
8. Web site: Speedtest and Comparison of Open-Source Cryptography Libraries and Compiler Flags. Timo Bingmann Weblog. T. Bingmann. 2008. 2010-08-10.
9. Web site: Crypto++ 5.6.0 Benchmarks. Crypto++ Website. 2009. 2010-08-10.
10. Web site: AES-NI Performance Analyzed. Tom's Hardware. 2010. P. Schmid . A. Roos . 2010-08-10.
11. Web site: Misdetection of MIPS endianness & How to get fast AES calls?. T. Krovetz . W. Dai . Crypto++ user group. 2010. 2010-08-11.
12. Web site: Crypto++ 5.6.0 Pentium 4 Benchmarks. Crypto++ Website. 2009. 2010-08-10.
13. Web site: Crypto++ 5.0 beta available. Crypto++ Mailing List. Announcement. 2002. 2010-08-09.
14. Web site: Crypto++ 5.0 update. Crypto++ Mailing List. Announcement. 2002. 2010-08-09.
15. Web site: Crypto++ Announcements List . 2010-08-14 . Sourceforge.net .
16. Web site: Release Dates of Previous Versions. Crypto++ Mailing List. L. Teo. 2002. 2010-08-09.
17. Web site: Validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules (2003). Cryptographic Module Validation Program (CMVP). 2003. 2010-08-08.
18. Web site: Validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules (2005). Cryptographic Module Validation Program (CMVP). 2005. 2010-08-08.
19. Web site: Validated FIPS 140-1 and FIPS 140-2 Cryptographic Modules (2007). Cryptographic Module Validation Program (CMVP). 2007. 2010-08-08.
20. Web site: Compilation Copyright for Crypto++. Crypto++ Website. 2010-08-15.
21. Web site: Crypto++ Library Versions 5.3.0 [32-bit and 64-bit] Security Policy | work=Cryptographic Module Validation Program (CMVP)|url=http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp819.pdf|year=2007|accessdate=2010-08-08}}

    FIPS validated Crypto++ modules! Version !! Certificate !! Dates

    Crypto++ 5.0.4	Certificate 343[17]	2003-09-05, 2005-10-28
    Crypto++ 5.2.3	Certificate 562[18]	2005-07-29, 2005-08-24, 2005-10-28
    Crypto++ 5.3.0	Certificate 819[19]	2007-08-13, 2007-08-17

    Crypto++ was moved to the CMVP's Historical Validation List in 2016. The move effectively means the library is no longer validated.

    Licensing

    As of version 5.6.1, Crypto++ consists of only public domain files, with a compilation copyright and a single open source license for the compilation copyright:^[20]

    See also

    • Computer science
    • Symmetric cipher
    • Comparison of cryptography libraries

    External links

    • • Crypto++ GitHub project
    • List of projects that use Crypto++ (Includes nonprofit and for profit projects)
    • Crypto++ users group
    .