Ports Search

This is Encrypted MAC (EMAC), formerly known as Double MAC (DMAC). Unlike HMAC, which reuses an existing one-way hash function, such as MD5, SHA-1 or RIPEMD-160, EMAC reuses an existing block cipher to produce a secure message authentication code (MAC). Using the block cipher, a message is encrypted in CBC mode. The last block is taken as the MAC of the message. For fixed-length messages, this method is provably secure. In reality, however, messages have arbitrary lengths, and this method is not secure. To make secure MACs for variable length messages, the last block is encrypted once again with a different key. The security of this construction has been proved in the paper, ``CBC MAC for Real-Time Data Sources'' by Erez Petrank and Charles Rackoff. The security can be proved on the assumption that the underlying block cipher is pseudo-random. The performance and key-agility of EMAC are reasonable. EMAC is preferable for short messages because the block length is smaller compared to the schemes based on a hash function. EMAC is also chosen as one of the NESSIE winners for Message Authentication Codes, along with UMAC, TTMAC and HMAC. The current NESSIE specification chooses the AES as block cipher.

This is Encrypted MAC (EMAC), formerly known as Double MAC (DMAC). Unlike HMAC, which reuses an existing one-way hash function, such as MD5, SHA-1 or RIPEMD-160, EMAC reuses an existing block cipher to produce a secure message authentication code (MAC). Using the block cipher, a message is encrypted in CBC mode. The last block is taken as the MAC of the message. For fixed-length messages, this method is provably secure. In reality, however, messages have arbitrary lengths, and this method is not secure. To make secure MACs for variable length messages, the last block is encrypted once again with a different key. The security of this construction has been proved in the paper, ``CBC MAC for Real-Time Data Sources'' by Erez Petrank and Charles Rackoff. The security can be proved on the assumption that the underlying block cipher is pseudo-random. The performance and key-agility of EMAC are reasonable. EMAC is preferable for short messages because the block length is smaller compared to the schemes based on a hash function. EMAC is also chosen as one of the NESSIE winners for Message Authentication Codes, along with UMAC, TTMAC and HMAC. The current NESSIE specification chooses the AES as block cipher.

Digest::Elf provides an XS based implementation of the ElfHash algorithm. ElfHash generates resonably 32 bit integer value from a string in a reasonably short period of time.

Haval is a variable-length, variable-round one-way hash function designed by Yuliang Zheng, Josef Pieprzyk, and Jennifer Seberry. The number of rounds can be 3, 4, or 5, while the hash length can be 128, 160, 192, 224, or 256 bits. Thus, there are a total of 15 different outputs. For better security, however, this module implements the 5-round, 256-bit output.

The Digest::MD5 module allows you to use the RSA Data Security Inc. MD5 Message Digest algorithm from within Perl programs. The algorithm takes as input a message of arbitrary length and produces as output a 128-bit "fingerprint" or "message digest" of the input. The Digest::MD5 module provide a procedural interface for simple use, as well as an object oriented interface that can handle messages of arbitrary length and which can read files directly. Further documentation is embedded in the individual modules.

A nilsimsa signature is a statistic of n-gram occurrence in a piece of text. It is a 256 bit value usually represented in hex. This module is a wrapper around nilsimsa implementation in C by cmeclax.

ike-scan discovers IKE hosts and can also fingerprint them using the retransmission backoff pattern. ike-scan does two things: a) Discovery: Determine which hosts are running IKE. This is done by displaying those hosts which respond to the IKE requests sent by ike-scan. b) Fingerprinting: Determine which IKE implementation the hosts are using. This is done by recording the times of the IKE response packets from the target hosts and comparing the observed retransmission backoff pattern against known patterns.

Digest::SV1 - Cryptosleazically strong message digest format

Digest::Whirlpool - A 512-bit, collision-resistant, one-way hash function developed by Paulo S. L. M. Barreto and Vincent Rijmen.

File::KeePass is an interface to KeePassX, KeePass 1.x and 2.x database files.