[Question] Does tfcrypt uses full key feature when generating random bytes with "-R" option?

strlcat / tfcrypt

tfcrypt -- high security Threefish encryption tool.

Other

10 stars 1 forks source link

[Question] Does tfcrypt uses full key feature when generating random bytes with "-R" option? #4

Closed phantomcraft closed 4 years ago

phantomcraft commented 4 years ago

I compiled my tfcrypt with full key option enabled in "tfcrypt_defs.h", I wanna know if the "-R" option uses full key (160 byte chunk) when seeded with a random source.

strlcat commented 4 years ago

according to strace, yes it does :)

phantomcraft commented 4 years ago

One more question:

Does it use the 128/160 byte chunk directly or hash it before generating the random stream?

strlcat commented 4 years ago

It uses the chunk directly. Relevant files to look into: tfc_random.c, tfprng.c, tfe.c. Basically, the key is used directly to cycle encrypt the IV over and over, emitting encrypted IV as result. IV is initialized to zero at beginning.