Cryptography
Description
Cryptography is an area of computing focused on encrypting data in order to prevent it from being readable by another (potentially malicious) user. Cryptography has applications all over SL where any form of data-security is required, be it an item vendor, or a game, or a device that processes personal details.
Unfortunately in LSL there are few good methods provided for security, beyond the ability to communicate with off-site services using HTTPS. For this reason there have been several efforts to implement encryption/decryption standards in LSL, and more recently take advantage of Mono for greater encryption.
Cryptography Libraries
Test Vectors
For all security libraries reviewed a common set of test-vectors (message and key(s)) should be used. These are the following recommended ones:
Base64 Message (1536-bit)
Remove new-lines
VAgWWFUfAJvIxSwoSUGCCR/QnQvXif9oswq1JaICbrohjfOTiINmRVQkr1q+awPXd2nGncz8Pelb/ 2vdx2vhh8UJiF6jBChzNGqr01l7ssgrIKGuXxKHw2JF8bByz7mREbmvxrndkM288HuwJYw0LlnaM1 3h8lzSBrQnLzr/Xwb6l3MfU867b/WtcuwpyXci9KKKYczywNs9Ay8N80xrwaA5sqWYysLrQD43U+l w9wPpbzf8/kJfwxZL4WL6nfxi=
Hexadecimal Key
42DBE20995628324EB343C6CF9D3C5F4
Base64 Key
Identical to the above hex-key but in Base64
QtviCZVigyTrNDxs+dPF9A==
Symmetric Key
Times below are given as a time to encrypt and decrypt the above test-message using the above test-key
Library | Security | Encrypt/Decrypt Time | Summary |
---|---|---|---|
AES | Very strong | 0.891489 | Relatively slow compared to other symmetric ciphers, but affords industry-standard security with no know weaknesses. Can encrypt a 2.3kb message with 256-bits of security in around 5-10 seconds. |
Base64 XOR | Very weak | 0.006923 | Very strong when used as a one-time-pad, but if used with the same key more than once becomes extremely vulnerable to attack. Use where speed is the highest priority, and where a message (if cracked) is useless after a very short time. |
Vignére Cipher | Weak | 0.097980 | Stronger than a regular base64 XOR, and can sustain repeated use of the same key for short periods of time. Use only for messages that become useless after a short period of time. |
Asymmetric Key
No useful asymmetric key cryptography libraries are yet available due to the high computing cost of such algorithms.
See Also
Articles