Andrew Cooke | Contents | Latest | RSS | Twitter | Previous | Next

C[omp]ute

Welcome to my blog, which was once a mailing list of the same name and is still generated by mail. Please reply via the "comment" links.

Always interested in offers/projects/new ideas. Eclectic experience in fields like: numerical computing; Python web; Java enterprise; functional languages; GPGPU; SQL databases; etc. Based in Santiago, Chile; telecommute worldwide. CV; email.

Personal Projects

Lepl parser for Python.

Colorless Green.

Photography around Santiago.

SVG experiment.

Professional Portfolio

Calibration of seismometers.

Data access via web services.

Cache rewrite.

Extending OpenSSH.

C-ORM: docs, API.

Last 100 entries

Removing Lowers; Mnesiacs; [Maths, Link] Dividing By Zero; [Book, Review] Ray Monk - Ludwig Wittgenstein: The Duty Of Genius; [Link, Bike, Computing] Evolving Lacing Patterns; [Jam] Strawberry and Orange Jam; [Chile, Privacy] Biometric Check During Mail Delivery; [Link, Chile, Spanish] Article on the Chilean Drought; [Bike] Extended Gear Ratios, Shimano XT M8000 (24/36 Chainring); Get Coffee Quotes for Cat Soft LLC; [Link, Politics, USA] The Future Of American Democracy; Mass Hysteria; [Review, Books, Links] Kazuo Ishiguro - Never Let Me Go; [Link, Books] David Mitchell's Favourite Japanese Fiction; [Link, Bike] Rear Suspension Geometry; [Link, Cycling, Art] Strava Artwork; [Link, Computing] Useful gcc flags; [Link] Voynich Manuscript Decoded; [Bike] Notes on Servicing Suspension Forks; [Links, Computing] Snap, Flatpack, Appimage; [Link, Computing] Oracle is leaving Java (to die); [Link, Politics] Cubans + Ultrasonics; [Book, Link] Laurent Binet; VirtualBox; [Book, Link] No One's Ways; [Link] The Biggest Problem For Cyclists Is Bad Driving; [Computing] Doxygen, Sphinx, Breathe; [Admin] Brokw Recent Permalinks; [Bike, Chile] Buying Bearings in Santiago; [Computing, Opensuse] Upgrading to 42.3; [Link, Physics] First Support for a Physics Theory of Life; [Link, Bike] Peruvian Frame Maker; [Link] Awesome Game Theory Tit-For-Tat Thing; [Food, Review] La Fabbrica - Good Italian Food In Santiago; [Link, Programming] MySQL UTF8 Broken; [Link, Books] Latin American Authors; [Link, Computing] Optimizatin Puzzle; [Link, Books, Politics] Orwell Prize; [Link] What the Hell Is Happening With Qatar?; [Link] Deep Learning + Virtual Tensor Machines; [Link] Scaled Composites: Largest Wingspan Ever; [Link] SCP Foundation; [Bike] Lessons From 2 Leading 2 Trailing; [Link] Veg Restaurants in Santiago; [Link] List of Contemporary Latin American Authors; [Bike] FTHR; [Link] Whoa - NSA Reduces Collection (of US Residents); [Link] Red Bull's Breitbart; [Link] Linux Threads; [Link] Punycode; [Link] Bull / Girl Statues on Wall Street; [Link] Beautiful Chair Video; Update: Lower Pressures; [Link] Neat Python Exceptions; [Link] Fix for Windows 10 to Avoid Ads; [Link] Attacks on ZRTP; [Link] UK Jazz Invasion; [Review] Cuba; [Link] Aricle on Gender Reversal of US Presidential Debate; {OpenSuse] Fix for Network Offline in Updater Applet; [Link] Parkinson's Related to Gut Flora; Farellones Bike Park; [Meta] Tags; Update: Second Ride; Schwalbe Thunder Burt 2.1 v Continental X-King 2.4; Mountain Biking in Santiago; Books on Ethics; Security Fail from Command Driven Interface; Everything Old is New Again; Interesting Take on Trump's Lies; Chutney v6; References on Entropy; Amusing "Alexa.." broadcast; The Shame of Chile's Education System; Playing mp4 gifs in Firefox on Opensuses Leap 42.2; Concurrency at Microsoft; Globalisation: Uk -> Chile; OpenSuse 42.2 and Synaptics Touch-Pads; Even; Cherry Jam; Lebanese Writer Amin Maalouf; C++ - it's the language of the future; Learning From Trump; Chinese Writer Hu Fayun; And; Apricot Jam; Also; Excellent Article on USA Politics; Oh Metafilter; Prejudice Against The Rurals; Also, Zizek; Trump; Why Trump Won; Doxygen + Latex on CentOS 6; SMASH - Solve 5 Biggest Problems in Physics; Good article on racism, brexit, and social divides; Grandaddy are back!; Consciousness From Max Entropy; Democrats; Harvard Will Fix Black Poverty; Modelling Bicycle Wheels

© 2006-2017 Andrew Cooke (site) / post authors (content).

Using AES CTR mode with Java / Clojure

From: andrew cooke <andrew@...>

Date: Sun, 27 May 2012 08:49:45 -0400

I needed to generate a sequence of "random" bytes and, for various reasons I
won't get into here, decided that running AES in CTR mode would be the best
solution.

Background:
https://en.wikipedia.org/wiki/Block_cipher_modes_of_operation#Counter_.28CTR.29

The general procedure is described in detail in RFC2686, along with some test
vectors (thanks!) - http://www.ietf.org/rfc/rfc3686.txt - but it wasn't clear
to me how this mapped to the Java Cipher API.

It turns out that you need to do the following:

 - create a cipher instance for AES/CTR/NoPadding
 - create the CTRBLK as described in the RFC
 - initialise the cipher with CTRBLK as the IV
 - encoding blocks of zero bytes then returns the key stream

The two main sources fo confusion are:

 - What the RFC calls the CTRBLK is what Java calls the IV (what RFC calls
   the IV is the central 8 bytes of the Java IV).

 - Java automatically increments CTRBLK on successive calls to update.

And I verified all this by testing against the 128-bit test vectors in the
RFC (that is the ONLY verification made - I have not looked at any source and
I am not an expert at this...).


Here is the equivalent Clojure code (cut+pasted from a more complete module
that I will be releasing soon - you can see the code at
https://github.com/andrewcooke/particl/blob/master/src/cl/parti/random.clj):

(ns cl.parti.random
  (:use (cl.parti utils))
  (:import javax.crypto.Cipher)
  (:import javax.crypto.spec.SecretKeySpec)
  (:import javax.crypto.spec.IvParameterSpec)
  (:import java.security.MessageDigest))


;; Constants for AES in counter mode.

(def ^:private CIPHER "AES")
(def ^:private CIPHER_SPEC (str CIPHER "/CTR/NoPadding"))
(def ^:private BLOCK_SIZE 16)
(def ^:private NONCE_SIZE 4)
(def ^:private IV_SIZE 8)
(def ^:private CTR_SIZE 4)
(def ^:private KEY_SIZE 16)

(def ^:private ^{:doc "The hash used for nonce and IV."} HASH "SHA-1")


;; ## Basic counter mode operation
;;
;; The general approach follows
;; [RFC3686](http://www.faqs.org/rfcs/rfc3686.html), except that Java
;; handles the increment of the counter.

(def ^:private ^{:doc "An array of zeroes; used as the 'plaintext' since we
want to access the key stream."}
  BLANK (byte-array BLOCK_SIZE (byte 0)))

(defn- stream-blocks
  "Run the given cipher, generating a lazy stream of blocks.  The underlying
  Java code increments the counter after each loop, generating a lazy stream
  of blocks."
  [cipher]
  (lazy-seq
    (let [block (.update cipher BLANK)]
      (cons block (stream-blocks cipher)))))

(defn- stream-bytes
  "Convert a stream of blocks to a stream of bytes.

  The first form re-calls with the head block and a zero offset.

  The second form recurses through the available bytes in the block and
  then re-calls with the remaining blocks."
  ([blocks] (stream-bytes (first blocks) 0 (rest blocks)))
  ([block i blocks]
    (lazy-seq
      (if (= i BLOCK_SIZE)
        (stream-bytes blocks)
        (cons (nth block i) (stream-bytes block (inc i) blocks))))))

(defn- init-ctrblk
  "Create a counter block with CTR set to 1 (lsb)."
  [nonce iv]
  (byte-array
    (for [i (range BLOCK_SIZE)]
      (let [j (- i NONCE_SIZE)]
        (cond
          (< i NONCE_SIZE) (nth nonce i)
          (< j IV_SIZE) (nth iv j)
          (not= i (dec BLOCK_SIZE)) (byte 0)
          :else (byte 1))))))

(defn stream-aes-ctr
  "Generate a stream of bytes from the initial data, using AES in counter
  mode.

  This is tested against the three 128-bit test vectors in
  [RFC3686](http://www.faqs.org/rfcs/rfc3686.html) - the bytes returned
  match those expected for the key stream."
  [key nonce iv]
  (let [cipher (Cipher/getInstance CIPHER_SPEC)
        key (SecretKeySpec. key CIPHER)
        ctrblk (init-ctrblk nonce iv)]
    (do (.init cipher Cipher/ENCRYPT_MODE key (IvParameterSpec. ctrblk))
      (stream-bytes (stream-blocks cipher)))))


Andrew

Comment on this post