--- Crypt-Spritz/Spritz.pm 2015/01/10 09:36:01 1.8 +++ Crypt-Spritz/Spritz.pm 2015/06/30 00:46:35 1.12 @@ -82,7 +82,7 @@ use XSLoader; -$VERSION = '0.1'; +$VERSION = '1.0'; XSLoader::load __PACKAGE__, $VERSION; @@ -119,7 +119,7 @@ This class implements most of the Spritz primitives. To use it effectively you should understand them, for example, by reading the L, especially +paper|http://people.csail.mit.edu/rivest/pubs/RS14.pdf>, especially pp. 5-6. The Spritz primitive corresponding to the Perl method is given as @@ -639,6 +639,39 @@ =back +=head1 SECURITY CONSIDERATIONS + +At the time of this writing, Spritz has not been through a lot of +cryptanalysis - it might get broken tomorrow. That's true for any crypto +algo, but the probability is quite a bit higher with Spritz. Having said +that, Spritz is almost certainly safer than RC4 at this time. + +Nevertheless, I wouldn't protect something very expensive with it. I also +would be careful about timing attacks. + +Regarding key lengths - as has been pointed out, traditional symmetric key +lengths (128 bit, 256 bit) work fine. Longer keys will be overkill, but +you can expect keys up to about a kilobit to be effective. Longer keys are +safe to use, they will simply be a waste of time. + + +=head1 PERFORMANCE + +As a cipher/prng, Spritz is reasonably fast (about 100MB/s on 2014 era +hardware, for comparison, AES will be more like 200MB/s). + +For key setup, ivs, hashing, nonces and so on, Spritz is very slow (about +5MB/s on 2014 era hardware, which does SHA-256 at about 200MB/s). + + +=head1 SUPPORT FOR THE PERL MULTICORE SPECIFICATION + +This module supports the perl multicore specification +(L) for all encryption/decryption +(non-aead > 4000 octets, aead > 400 octets), hashing/absorbing (> 400 +octets) and squeezing/prng (> 4000 octets) functions. + + =head1 SEE ALSO L.