cryptix.provider.cipher

Class SAFER

Implemented Interfaces:
Parameterized, SymmetricCipher

public final class SAFER
extends Cipher
implements SymmetricCipher

A subclass of Cipher to implement the SAFER algorithm in Java.

SAFER (Secure And Fast Encryption Routine) is a block-cipher algorithm developed by Prof. J.L. Massey at the Swiss Federal Institute of Technology. SAFER is usable in four versions (referred to in this implementation as VARIANTS): SAFER K-64, SAFER K-128, SAFER SK-64 and SAFER SK-128. The numerals 64 and 128 stand for the length of the user-selected key, 'K' stands for the original key schedule and 'SK' stands for the strengthened key schedule.

References:

  1. Massey, J.L., "SAFER K-64: A Byte-Oriented Block Ciphering Algorithm", pp. 1-17 in Fast Software Encryption (Ed. R. Anderson), Proceedings of the Cambridge Security Workshop, Cambridge, U.K., December 9-11, 1993,
    Lecture Notes in Computer Science No. 809. Heidelberg and New York: Springer, 1994.

  2. Massey, J.L., "SAFER K-64: One Year Later", preliminary manuscript of a paper presented at the K. U. Leuven Workshop on Cryptographic Algorithms, December 14-16, 1994.
    To be published in the Proceedings of this workshop by Springer.

  3. Massey, J.L., "Announcement of a Strengthened Key Schedule for the Cipher SAFER", Sept. 9, 1995, (see file 'SAFER_SK.TXT' included in the toolkit).

  4. Richard De Moliner <demoliner@isi.ee.ethz.ch> SAFER toolkit V1.2 includes C implementation, additional notes, test data, test program.

Ported to Java from public domain 'C' code latest revised on September 9, 1995 by:

Richard De Moliner (demoliner@isi.ee.ethz.ch)
Signal and Information Processing Laboratory
Swiss Federal Institute of Technology
CH-8092 Zürich, Switzerland.

Copyright © 1997 Systemics Ltd on behalf of the Cryptix Development Team.
All rights reserved.

$Revision: 1.8 $

Authors:
Raif S. Naffah
David Hopwood
Since:
Cryptix 2.2.2

Field Summary

static int
K128_VARIANT
static int
K64_VARIANT
static int
SK128_VARIANT
static int
SK64_VARIANT

Fields inherited from class xjava.security.Cipher

DECRYPT, ENCRYPT, UNINITIALIZED

Fields inherited from class xjava.security.IJCE_Traceable

tracing

Constructor Summary

SAFER()
Calls the Cipher constructor with implBuffering false, implPadding false and the provider set to "Cryptix".

Method Summary

Object
clone()
Always throws a CloneNotSupportedException (cloning of ciphers is not supported for security reasons).
int
engineBlockSize()
SPI: Returns the length of an input block, in bytes.
protected Object
engineGetParameter(String param)
void
engineInitDecrypt(Key key)
SPI: Initializes this cipher for decryption, using the specified key.
void
engineInitEncrypt(Key key)
SPI: Initializes this cipher for encryption, using the specified key.
protected void
engineSetParameter(String param, Object value)
protected int
engineUpdate(byte[] in, int inOffset, int inLen, byte[] out, int outOffset)
SPI: This is the main engine method for updating data.
protected void
finalize()
Cleans up resources used by this instance, if necessary.
static LinkStatus
getLinkStatus()
Gets an object representing the native linking status of this class.
int
getRounds()
Gets the number of rounds for this cipher.
String
getVariant()
Gets the variant for this cipher ("SK-128", "SK-64", "K-128", or "K-64").
void
setRounds(int rounds)
Sets the number of rounds for this cipher.
void
setVariant(String ps)
Sets the variant for this cipher.

Methods inherited from class xjava.security.Cipher

blockSize, clone, crypt, crypt, crypt, doFinal, doFinal, doFinal, doFinal, engineBlockSize, engineCiphertextBlockSize, engineCrypt, engineGetParameter, engineInBufferSize, engineInitDecrypt, engineInitEncrypt, engineOutBufferSize, enginePlaintextBlockSize, engineSetPaddingScheme, engineSetParameter, engineUpdate, getAlgorithm, getAlgorithms, getAlgorithms, getCiphertextBlockSize, getInputBlockSize, getInstance, getInstance, getInstance, getMode, getOutputBlockSize, getPadding, getPaddingScheme, getParameter, getPlaintextBlockSize, getProvider, getState, inBufferSize, inBufferSizeFinal, initDecrypt, initEncrypt, isPaddingBlockCipher, outBufferSize, outBufferSizeFinal, setParameter, toString, update, update, update, update

Methods inherited from class xjava.security.IJCE_Traceable

disableTracing, enableTracing, traceMethod, traceResult, traceResult, traceVoidMethod

Field Details

K128_VARIANT

public static final int K128_VARIANT
Field Value:
2

K64_VARIANT

public static final int K64_VARIANT
Field Value:
3

SK128_VARIANT

public static final int SK128_VARIANT
Field Value:
0

SK64_VARIANT

public static final int SK64_VARIANT
Field Value:
1

Constructor Details

SAFER

public SAFER()
Calls the Cipher constructor with implBuffering false, implPadding false and the provider set to "Cryptix".

Sets the variant of this cipher based on the currently set "variant" property in the provider properties file. The current JCE syntax for the SAFER algorithm variant property is:

    Alg.variant.SAFER = ...
 

Valid alternatives for variant are:

  • SK-128, SK128, sk-128 and sk128: Strengthened key schedule of length 128 bits.
  • SK-64, SK64, sk-64 and sk64: Strengthened key schedule of length 64 bits.
  • K-128, K128, k-128 and k128: Non-strengthened key schedule of length 128 bits.
  • K-64, K64, k-64 and k64: Non-strengthened key schedule of length 64 bits.

Once the variant is set, a default value for the number of rounds to use is also set as follows:

    Variant   Number of rounds = current value
    -------   --------------------------------
    SK-128    SK128_DEFAULT_NOF_ROUNDS = 10
    SK-64     SK64_DEFAULT_NOF_ROUNDS  =  8
    K-128     K128_DEFAULT_NOF_ROUNDS  = 10
    K-64      K64_DEFAULT_NOF_ROUNDS   =  6
 

If no variant property is found in the provider's properties file a strengthened key schedule of 128 bits is used with 10 rounds.

This constructor also attempts to set the desired number of rounds for this cipher object from a "rounds" property in the provider's properties file. Acceptable values are non-zero integers between 1 and the MAX_NOF_ROUNDS constant; i.e. 13. If no such property is found, or is found but deemed invalid, then the already set value (depending on the variant property as determined above) remains unaltered.

Method Details

clone

public final Object clone()
            throws CloneNotSupportedException
Always throws a CloneNotSupportedException (cloning of ciphers is not supported for security reasons).
Overrides:
clone in interface Cipher

engineBlockSize

public int engineBlockSize()
SPI: Returns the length of an input block, in bytes.
Overrides:
engineBlockSize in interface Cipher
Returns:
the length in bytes of an input block for this cipher.

engineGetParameter

protected Object engineGetParameter(String param)
            throws NoSuchParameterException,
                   InvalidParameterException
Overrides:
engineGetParameter in interface Cipher

engineInitDecrypt

public void engineInitDecrypt(Key key)
            throws KeyException
SPI: Initializes this cipher for decryption, using the specified key.
Overrides:
engineInitDecrypt in interface Cipher
Parameters:
key - the key to use for decryption.

engineInitEncrypt

public void engineInitEncrypt(Key key)
            throws KeyException
SPI: Initializes this cipher for encryption, using the specified key.
Overrides:
engineInitEncrypt in interface Cipher
Parameters:
key - the key to use for encryption.

engineSetParameter

protected void engineSetParameter(String param,
                                  Object value)
            throws NoSuchParameterException,
                   InvalidParameterException,
                   InvalidParameterTypeException
Overrides:
engineSetParameter in interface Cipher

engineUpdate

protected int engineUpdate(byte[] in,
                           int inOffset,
                           int inLen,
                           byte[] out,
                           int outOffset)
SPI: This is the main engine method for updating data.

in and out may be the same array, and the input and output regions may overlap.

Overrides:
engineUpdate in interface Cipher
Parameters:
in - the input data.
inOffset - the offset into in specifying where the data starts.
inLen - the length of the subarray.
out - the output array.
outOffset - the offset indicating where to start writing into the out array.
Returns:
the number of bytes written.

finalize

protected final void finalize()
Cleans up resources used by this instance, if necessary.

getLinkStatus

public static LinkStatus getLinkStatus()
Gets an object representing the native linking status of this class.

getRounds

public int getRounds()
Gets the number of rounds for this cipher.

getVariant

public String getVariant()
Gets the variant for this cipher ("SK-128", "SK-64", "K-128", or "K-64").

setRounds

public void setRounds(int rounds)
Sets the number of rounds for this cipher. Allowed only when this cipher is in the UNINITIALIZED state; otherwise an exception is thrown.

If the specified number is invalid, the current one remains unchanged.

Parameters:
rounds - the desired number of rounds for this cipher.

setVariant

public void setVariant(String ps)
Sets the variant for this cipher. Allowed only when this cipher is in the UNINITIALIZED state; otherwise an exception is thrown.
Parameters:
ps - The desired new variant identifier for this cipher.