IL-2 1Extending Kryptos with OpenSSLJohn Gibson and Theodore Winograd, Member, IEEEAbstract— We extend the educational software to use OpenSSLas an additional cryptographic library. We setup a code repos-itory and SourceForge.net project to allow distributed develop-ment. We design an abstraction layer that can be used to addfuture libraries. We correct problems with the existing code andmake suggestions for future work.Index Terms— Cryptography, Educational Software, Kryptos,Crypto++, OpenSSL.I. INTRODUCTIONKryptos is educational software for teaching cryptographydeveloped at the George Mason University (GMU) departmentof Electrical and Computer Engineering (ECE). The softwareis used for laboratory exercises in two classes: ECE 646 andECE 746. Kryptos supports many of the major cryptographicalgorithms available for general use since the release of theDigital Encryption Standard (DES) in 1976. Kryptos allowsstudents to choose the parameters for the various algorithms.By providing this level of flexibility, students are able tosee first-hand how the choice of a cryptographic algorithmand its parameters can affect the results of a cryptographicoperation. Kryptos also provides timing information for allof its cryptographic operations, allowing students to deriveempirical evidence when comparing algorithms.Ashraf Abusharekh developed the original version of Kryp-tos for his masters thesis in April 2004, Comparative Anal-ysis of Multi-Precision Arithmetic Libraries for Public KeyCryptography [1]. In fall 2004, N. Dowd, R. Salembier andP. Southerington continued work on Kryptos and released itas an open source project under the Massachusetts Instituteof Technology (MIT) License. Kryptos 2.0 had improveddocumentation and simplified the timing mechanisms used byKryptos [2].The next step in improving Kryptos is to add support for asecond cryptographic library, OpenSSL. By extending Kryptosto support multiple cryptographic libraries, students will beable to examine how the implementation of a cryptographicalgorithm directly affects its performance.II. OBJECTIVESThe primary objective of this project was to extend Kryptosto support the OpenSSL cryptographic library. By designing ageneric extensibility framework, other cryptographic librariescould be supported in the future. To aid in meeting this goal,we needed to import the code into a source code managementsystem to aid in distributed software development. In addition,Manuscript received December 12, 2006; revised December 19, 2006J. Gibson is a graduate student in Computer Engineering at George MasonUniversity, Fairfax, VA 22030 USA (e-mail: [email protected])T. Winograd is a graduate student in Computer Engineering at GeorgeMason University, Fairfax, VA 22030 USA (e-mail: [email protected])Kryptos was developed using an older version of Visual C++,so it needed to be ported to Visual C++ 2005 for developmentto continue.Our secondary objectives were to improve upon the Kryptosgraphical user interface (GUI) so that it would be easier touse. Currently, Kryptos is operated through a series of menuson the main window. When choosing an algorithm, modeof operation, or generating a key, Kryptos generates a newwindow in which to perform those actions. The main windowis populated with a series of textboxes that fill up as the usermakes choices. If a user modifies these textboxes, it does notalter program operation, which is counterintuitive.Kryptos’s GUI is written using Microsoft FoundationClasses (MFC), an object-oriented interface to the Win32application programming interface (API). Because MFC isa Microsoft Windows-specific API, this dependency is whatlimits the number of platforms on which Kryptos can run.If time permitted, we intended to modify Kryptos to takeadvantage of a cross-platform GUI API such as wxWidgets[3].III. DEVELOPMENT ENVIRONMENTWe moved development of Kryptos to Microsoft Visual C++2005, the latest version as of our work. The previous versionof Kryptos was developed using an earlier edition of VisualStudio, and initially the code would not build with the updatedcompiler. After diagnosing the build errors, we determinedthat the problem did not lie within Kryptos itself, but withinCrypto++. Kryptos 2.0 was developed using Crypto++ version5.2.1, which has a known bug preventing it from compilingwith Visual C++ 2005 [4]. A patch was applied to Crypto++and available in development snapshots of Crypto++ 5.3.We chose to use the development snapshot from April 2006because it was known to be stable. After compiling Kryptoswith the new version of Crypto++, we were able to build aworking version of Kryptos.As part of setting up the development environment, wechanged the directory structure of the source code to a moreformal structure following the book Version Control withSubversion [5]. We created the following directories withinour Subversion repository:- /branches, which will allow developers to work on largechanges to Kryptos without affecting the main codebase.- /doc, which stores Kryptos documentation.- /htdocs, which stores the Kryptos project Web site pages.- /lib, which stores the library code used by Kryptos.- /sandox, which lets developers share test code.- /tags, which stores the code for Kryptos releases.- /trunk, which stores the main Kryptos code base.IL-2 2Organizing the code this way allowed us to place a sepa-ration between the Kryptos code, the Crypto++ code, experi-mental code, and documentation. We also changed the VisualC++ project settings to prevent rebuilding the Crypto++ everytime. Since we will not make changes to the Crypto++ codevery often, this saves time when compiling Kryptos.Once the Kryptos 2.0 code was tagged and uploaded to theSubversion directory, we cleaned up the Kryptos code base byremoving unused source files, fixing a number of compilationwarnings, such as assigning longs to ints and signed/unsignedmismatches. We also corrected the information in the aboutdialog box. The Kryptos 2.0 about box states that Kryptos islicensed under the GNU General Public License (GPL) when itis in fact licensed under the MIT License, due to the inclusionof non-GPL compatible timing code [2].To prevent security errors when developing new ap-plications, Visual C++ 2005 warns about potentially un-safe function calls, such as strcpy. These are standard Ccalls, used in both Kryptos and the libraries. Since ad-dressing these potential errors is beyond the scope ofthis project, we muted these warnings by adding
View Full Document
Unlocking...