Free cbc software for linux

PerlIO::via::CBC is a Perl IO layer for reading/writing CBC encrypted files.

SYNOPSIS

use PerlIO::via::CBC;

PerlIO::via::CBC->config(
key => my secret key,
cipher => Blowfish,
iv => $KJh#(}q,
regenerate_key => 0, # default true
padding => space,
prepend_iv => 0,
pcbc => 1 #default 0
);

my $fh;
open($fh, >:via(PerlIO::via::CBC), $file)
or die "Cant open $file for encryption: $!n";
print $fh $lots_of_secret_data;
close($fh)
or die "Error closing file: $!n";

open($fh, ;
close($fh)
or die "Error closing file: $!n";

This module implements a PerlIO layer that can read and read CBC encrypted files. It uses Crypt::CBC to do the CBC. So check Crypt::CBC for more information.

config(%args)

Allows the configuration of the CBC. Check Crypt::CBC->new() for more information.

libmcrypt is the library which implements all the algorithms and modes found in mcrypt. libmcrypt library is currently under development but it seems to work pretty good.
Unlike most encryption libraries libmcrypt does not have everything (random number generators, hashes, hmac implementation, key exchange, public key encryption etc.).
Libmcrypt only implements an interface to access block and stream encryption algorithms. Its purpose was to assist in the development of mcrypt by providing a uniform interface to access several different encryption algorithms, so that the main program is independent of the encryption algorithms and the modes used.
Libmcrypt supports the algorithms:
BLOWFISH, TWOFISH, DES, TripleDES, 3-WAY, SAFER-sk64, SAFER-sk128, SAFER+, LOKI97, GOST, RC2, RC6, MARS, IDEA, RIJNDAEL-128 (AES), RIJNDAEL-192, RIJNDAEL-256, SERPENT, CAST-128 (known as CAST5), CAST-256, ARCFOUR and WAKE.
Block algorithms can be used in: CBC, ECB, CFB and OFB (8 bit and n bit, where n is the size of the algorithms block length).
Enhancements:
- Stuff from the Fedora Extras crew

Crypt::PBC is a OO interface for the Stanford PBC library.

SYNOPSIS

use Crypt::PBC;

my $pairing = new Crypt::PBC("params_d.txt");
my $G1 = $pairing->init_G1->random;
my $G2 = $pairing->init_G2->random->double->square;
my $GT = $pairing->init_GT->pairing_apply( $G1, $G2 );

The PBC library is a free portable C library designed to make it easy to implement pairing-based cryptosystems. It provides an abstract interface to a cyclic group with a bilinear pairing, and the programmer does not need to worry about, or even know about elliptic curves.

It is built on top of GMP, another C library which performs arbitrary precision arithmetic on integers, rationals and floats with strong emphasis on portability and speed.

Perl Module Methods

The Perl Module methods implement an OO interface that the author (Paul) highly recommends using. The only Perl Module OO function in the Crypt::PBC package is new(). Please see Crypt::PBC::Pairing and Crypt::PBC::Element for the guts of the intended OO interface.

Crypt::PBC::new()

Returns a new PBC pairing object. new() takes, as arguments, either the name of a file, a file stream (e.g., new Crypt::PBC(*STDIN)), or the params for a curve as a string. Ben Lynn provides a zip file of d-type curves:

MNT curve parameters for embedding degree 6 (which I
call type D curves), for all D less than a million, and
for subgroup sizes at least 80 bits and less than 300
bits long. Generated using test programs bundled with
PBC library.

http://crypto.stanford.edu/pbc/download.html

XS Loaded Functions

This section is basically a listing of the PBC functions as they are imported. You can use them directly if youre already comfortable with the layout of PBC. If youre starting from scratch and arent much of a C coder, youll have an easier time using the Perl Module methods because they implement a little type-safety to protect perl coders from segfaults.

Mixing and matching direct calls with the Perl Module methods is a sure way to run into trouble, since the Perl Module methods tag the PBC elements with a type.

+++ NOTE +++
You can use these functions successfully, but the intended interface was described above. Crypt::PBC::Element describes that interface in detail.
+++ /NOTE +++

Pairing Functions

# Initialize a pairing from an open file handle
my $pairing = &Crypt::PBC::pairing_init_stream(*STDIN);

# Initialize a pairing from a a $string
my $pairing = &Crypt::PBC::pairing_init_str($string);

# Clear the memory malloced for the pairing
&Crypt::PBC::pairing_clear($pairing);

# Apply the pairing. Be careful here. If you pass the wrong type of
# elements, GT = apply(G1, G2), this will segmentation fault! Please
# see the PBC documentation for further information:
# http://crypto.stanford.edu/pbc/manual/
&Crypt::PBC::pairing_apply($LHS, $RHS1, $RHS2, $pairing);

Element Initializer and Assignment Functions

my $element_in_G1 = &Crypt::PBC::element_init_G1($pairing);
my $element_in_G2 = &Crypt::PBC::element_init_G2($pairing);
my $element_in_GT = &Crypt::PBC::element_init_GT($pairing);
my $element_in_Zr = &Crypt::PBC::element_init_Zr($pairing);

# Do not forget to clear your memory!
&Crypt::PBC::element_clear( $element ); # in any group

# assign some random to $element
# (uses /dev/urandom if possible, or rand() if necessary)
&Crypt::PBC::element_random( $element );
&Crypt::PBC::element_set0( $element ); # set to 0
&Crypt::PBC::element_set1( $element ); # set to 1
&Crypt::PBC::element_set( $a, $b ); # a=b
&Crypt::PBC::element_set_si( $a, 5 ); # a=5

&Crypt::PBC::element_set_mpz( $a, $bigint );
# For this one, construct a Math::BigInt::GMP and pass that for
# $bigint. Alternatively, you can construct a $i=Math::BigInt and
# pass the $i->{value}. (That interface is probably not well
# supported but is the only one of which the author is aware.)

&Crypt::PBC::element_from_hash( $element, $hash );
# Set $element based on the bytes in $hash. You must use some kind
# of hashing algorithm (e.g., Digest::SHA1) to map data to an
# element:
#
# "In general you cannot feed it plaintext. You should only give it
# short strings of bytes (e.g. 160 bits if G1 has order around 2^160,
# which is the case for most of the bundled pairing parameters)."
# -- Lynn

&Crypt::PBC::element_from_bytes( $element, $bytes );
# Set $element based on the bytes in $bytes. this probably isnt useful
# unless $bytes is like $spewed_result from element_export() below.

Arithmetic Functions

# lhs=rhs1+rhs2 -- make sure these are all the same type ...
&Crypt::PBC::element_add($lhs, $rhs1, $rhs2);
&Crypt::PBC::element_sub($lhs, $rhs1, $rhs2); # lhs=rhs1-rhs2
&Crypt::PBC::element_mul($lhs, $rhs1, $rhs2);
&Crypt::PBC::element_div($lhs, $rhs1, $rhs2);

# (whatever these mean is in the context of the $pairing)
&Crypt::PBC::element_double($lhs, $rhs); # lhs = 2*rhs
&Crypt::PBC::element_halve( $lhs, $rhs); # lhs = rhs/2
&Crypt::PBC::element_square($lhs, $rhs); # lhs = rhs^2
&Crypt::PBC::element_neg( $lhs, $rhs); # (please see the PBC docs)
&Crypt::PBC::element_invert($lhs, $rhs); # lhs = 1/rhs

# Heres a few other choices for mul
&Crypt::PBC::element_mul_zn( $lhs, $rhs1, $rhs2 );
# $rhs1 and $lhs should be of the same type, but here $rhs2 should be
# in Zr instead of being in the same group like in element_mul()
# above

&Crypt::PBC::element_mul_mpz( $lhs, $rhs1, $rhs2 );
# For this one, construct a Math::BigInt::GMP and pass that for
# $rhs2 or pass $i->{value} from a Math::BigInt.

&Crypt::PBC::element_mul_si( $lhs, $rhs1, $rhs2 );
# Here, $rhs2 is a regular old integer...

&Crypt::PBC::element_pow_zn( $lhs, $a, $n); # lhs = a^n
&Crypt::PBC::element_pow2_zn($lhs, $a1, $n1, $a2, $n2); # a1^n1 * a2^n2
&Crypt::PBC::element_pow3_zn($lhs, $a1, $n1, $a2, $n2, $a3, $n3);
# in the above, the lhs and ad+ should be in the same group, nd+ in Zr

&Crypt::PBC::element_pow_mpz( $lhs, $a, $n);
&Crypt::PBC::element_pow2_mpz($lhs, $a1, $n1, $a2, $n2);
&Crypt::PBC::element_pow3_mpz($lhs, $a1, $n1, $a2, $n2, $a3, $n3);
# like the _zn functions, but nd+ should be Math::BigInt::GMP
# or pass $i->{value} from a Math::BigInt.

Comparison Functions

&Crypt::PBC::element_is0( $a ); # 1 when $a is 0
&Crypt::PBC::element_is1( $a ); # 1 when $a is 1
&Crypt::PBC::element_cmp( $a,$b ); # paradoxically, false when $a == $b
&Crypt::PBC::element_is_sqr( $a ); # 1 when $a is a perfect square ...
# see the PBC docs for words like "residue"

Export and Output

# Please check the PBC docs ...
&Crypt::PBC::element_fprintf(*OUTFILE, $format, $element);
&Crypt::PBC::element_fprintf(*STDOUT, "example element=%Bn", $element);
# (You may be surprised how many bigints are in these group elements.)

my $spewed_result = &Crypt::PBC::export_element($element);
# These are bytes, dumped from the $element, that can be used to
# reconstruct the element or used for interacting with real life data.

# Example:
my $cipher = new Crypt::CBC({
header => "randomiv",
key => &Crypt::PBC::export_element($element),
cipher => Blowfish, # hehe
});

my $big = &Crypt::PBC::element_to_mpz( $element );
# Returns a Math::BigInt::GMP, not a Math::BigInt! WARNING: the
# DESTROY() method from Math::BigInt::GMP will be missing unless you
# require that package into your program. Youll want to do that or youll
# have a memory leak... Lastly, this is really only useful for elements in
# Zr -- element_fprintf() to see what I mean.

is a Netcat-clone, designed to be portable and offer strong encryption. It runs on Unix-like operating systems and on Microsoft Win32. sbd features AES-CBC-128 + HMAC-SHA1 encryption (by Christophe Devine), program execution (-e option), choosing source port, continuous reconnection with delay, and some other nice features.
Only TCP/IP communication is supported. Source code and binaries are distributed under the GNU General Public License.
sbd can be used for any number of network-related things, for example.:
Secure file transfer
Remote administration
Simple (but secure) peer-to-peer chat
Pen-test tool (crypto avoids NIDS detection and telnet-style traffic recording)
To compile sbd under a Unix-like operating system you need gcc and relevant
development tools. For Linux, FreeBSD, NetBSD, OpenBSD (and possibly others),
type:
make unix
Enhancements:
- if sbd is setuid (chmod 4755 or 6755), sbd will do setuid(geteuid()) on Unix-like operating systems. feature added to offer root shells during pen-tests.
- the host, port and command to execute (-e option) specified on the command line are wiped with spaces in order to hide them from the process list on Unix-like operating systems (e.g. "ps auxww", "ps -Af", e.g.). the -k option was wiped with stars (*) before, but now its all wiped with spaces (0x20) instead.

JSch is a pure Java implementation of SSH2.
JSch project allows the user to connect to an sshd server and use port forwarding, X11 forwarding, file transfer, etc., and you can integrate its functionality into your own Java programs. JSch is licensed under BSD style license.
Our intension in developing this stuff is to enable users of our pure java X servers, WiredX and WeirdX, to enjoy secure X sessions. Our efforts have mostly targeted the SSH2 protocol in relation to X window system and X11 forwarding. Of course, we are also interested in adding other functionality - port forward, file transfer, terminal emulation, etc.
Needless to say, SSH provides support for secure remote login, secure file transfer, and secure TCP/IP and X11 forwarding. It can automatically encrypt, authenticate, and compress transmitted data.
The SSH protocol is available in two incompatible varieties: SSH1 and SSH2. SSH2 was invented to avoid the patent issues regarding RSA (RSA patent has expired), and to fix some data integrity problem that SSH1 has, and for a number of other technical reasons.
SSH2 protocol has been standardized on IETF Secure Shell working group and drafts related to SSH2 protocol are available on the web. In developing JSch, we are now referring to following documents:
SSH Protocol Architecture
SSH Transport Layer Protocol
Diffie-Hellman Group Exchange for the SSH Transport Layer Protocol
SSH Connection Protocol
SSH Authentication Protocol
Main features:
- JSch is in pure Java, but it depends on JavaTM Cryptography Extension (JCE). JSch is know to work with:
- J2SE 1.4.0 or later (no additional libraries required).
- J2SE 1.3 and Suns JCE reference implementation that can be obtained at http://java.sun.com/products/jce/.
- J2SE 1.2.2 and later and Bouncycastles JCE implementation that can be obtained at http://www.bouncycastle.org/.
- SSH2 protocol support.
- Key exchange: diffie-hellman-group-exchange-sha1, diffie-hellman-group1-sha1
- Cipher: blowfish-cbc, 3des-cbc, aes128-cbc,aes192-cbc,aes256-cbcnew!
- MAC: hmac-md5, hmac-sha1, hmac-md5-96, hmac-sha1-96
- Host key type: ssh-dss,ssh-rsa
- Userauth: password
- Userauth: publickey(DSA,RSA)
- Userauth: keyboard-interactive
- X11 forwarding
- xauth spoofing
- connection through HTTP proxy.
- connection through SOCKS5 proxy.
- port forwarding.
- stream forwarding.
- signal sending. The unofficial patch for sshd of openssh will be found in this thread.
- remote exec.
- generating DSA and RSA key pairs.
- changing the passphrase for a private key.
- partial authentication
- SSH File Transfer Protocol(version 0, 1, 2, 3)
- packet compression. JZlib has been used.
- JSch is licensed under BSD style license.
Enhancements:
- bugfix: freeze in diffie-hellman-group-exchange-sha1. FIXED. By the default, diffie-hellman-group1-sha1 will be used and if you have not chosen diffie-hellman-group-exchange-sha1 explicitly, you dont have to worry about it.
- bugfix: there should be timeout mechanism in opening a socket for remote port forwarding. FIXED. At the failure or timeout, SSH_MSG_CHANNEL_OPEN_FAILURE will be sent to sshd.
- bugfix: there should be timeout mechanism in opening a socket for X11 forwarding. FIXED. At the failure or timeout, SSH_MSG_CHANNEL_OPEN_FAILURE will be sent to sshd.

nsmcrypt is an AOLserver module and standard Tcl library that implements an interface to the mcrypt library (libmcrypt).
It supports cipher algorithms (such as blowfish, des, or rijndael-256), cipher modes (such as cbc, cfb, ncfb, or stream), and also supports sharing with nsv_* commands. This project was tested with AOLserver 3.4.x and 4.0.x and Tcl 8.4.
Enhancements:
- An interface to the standard Tcl language was added as the nsmcrypt package.

Crypto++ project is a free C++ class library of cryptographic schemes.
Main features:
- a class hierarchy with an API defined by abstract base classes
- AES (Rijndael) and AES candidates: RC6, MARS, Twofish, Serpent, CAST-256
- other symmetric block ciphers: IDEA, DES, Triple-DES (DES-EDE2 and DES-EDE3), DESX (DES-XEX3), RC2, RC5, Blowfish, Diamond2, TEA, SAFER, 3-WAY, GOST, SHARK, CAST-128, Square, Skipjack, Camellia, SHACAL-2
- generic cipher modes: ECB, CBC, CBC ciphertext stealing (CTS), CFB, OFB, counter mode (CTR)
- stream ciphers: Panama, ARC4, SEAL, WAKE, WAKE-OFB, BlumBlumShub
- public-key cryptography: RSA, DSA, ElGamal, Nyberg-Rueppel (NR), Rabin, Rabin-Williams (RW), LUC, LUCELG, DLIES (variants of DHAES), ESIGN
- padding schemes for public-key systems: PKCS#1 v2.0, OAEP, PSS, PSSR, IEEE P1363 EMSA2 and EMSA5
- key agreement schemes: Diffie-Hellman (DH), Unified Diffie-Hellman (DH2), Menezes-Qu-Vanstone (MQV), LUCDIF, XTR-DH
- elliptic curve cryptography: ECDSA, ECNR, ECIES, ECDH, ECMQV
- one-way hash functions: SHA-1, MD2, MD4, MD5, HAVAL, RIPEMD-128, RIPEMD-256, RIPEMD-160, RIPEMD-320, Tiger, SHA-2 (SHA-224, SHA-256, SHA-384, and SHA-512), Panama, Whirlpool
- message authentication codes: MD5-MAC, HMAC, XOR-MAC, CBC-MAC, DMAC, Two-Track-MAC
- cipher constructions based on hash functions: Luby-Rackoff, MDC
- pseudo random number generators (PRNG): ANSI X9.17 appendix C, PGPs RandPool
- password based key derivation functions: PBKDF1 and PBKDF2 from PKCS #5
- Shamirs secret sharing scheme and Rabins information dispersal algorithm (IDA)
- DEFLATE (RFC 1951) compression/decompression with gzip (RFC 1952) and zlib (RFC 1950) format support
- fast multi-precision integer (bignum) and polynomial operations, with SSE2 optimizations for Pentium 4 processors, and support for 64-bit CPUs
- finite field arithmetics, including GF(p) and GF(2^n)
- prime number generation and verification
- various miscellaneous modules such as base 64 coding and 32-bit CRC
- class wrappers for these operating system features (optional):
- high resolution timers on Windows, Unix, and MacOS
- Berkeley and Windows style sockets
- Windows named pipes
- /dev/random and /dev/urandom on Linux and FreeBSD
- Microsofts CryptGenRandom on Windows
- A high level interface for most of the above, using a filter/pipeline metaphor
- benchmarks and validation testing
- FIPS 140-2 Validated
Enhancements:
- This release added VMAC and Sosemanuk, and improved the speed of several other algorithms using x86/x86-64/MMX/SSE2 assembly.
- Random number generators and DSA-like signature algorithms were modified to reduce the risk of reusing random numbers and IVs after virtual machine state rollback.