9

While implementing ciphers and hash functions, I often face a problem: where to find test vectors for it; so that I can guarantee my program is working correctly. It is generally a tedious job to find test cases.

Currently I am trying to gather test vectors for several ciphers and hash functions; including (but not limited to): RC4, all ciphers from eStream, DES (round-wise, if possible), 3DES, AES, …

To avoid looking in the wrong places: Where can I find test vectors for ciphers?

For a head-start, I put test cases of RC4 (correct me if I am wrong):

Key        (255, 255, 0, 255)
Keystream  23, 0, 135, 229, 197, 74, 253, 202, 72, 83, ...
Key        (0, 0, 0, 255, 127, 31)
Keystream  40, 172, 142, 137, 101, 124, 164, 50, 0, 172, ...

Related:

Community
  • 1
hola
  • 613
  • 6
  • 23

2 Answers2

13

For any of the algorithms approved by NIST you can usually find the test vectors in the Cryptographic Algorithm Validation Program (CAVP) - for instance for 3DES in appendix B and AES in appendix C. Test vectors are usually found in one of the appendixes or later sections of the documents.

For any others you should first look to the standard documents, preferably RFC's - for instance for RC4. If the standard documents do not contain test vectors then take an addition look at the company or organization; they often would have a separate document with test vectors. Some standards, such as the PKCS standards may also be referenced or copied by other standards, so if you cannot find it in one document you may want to look for copies. In general, cryptographic competitions require the submitter of proposals to include test vectors.

If you cannot find it that way you will have to rely on Google, or a forum such as this one. Or you could take a reference implementation and test your implementation against that. If that is not available, try and generate them yourself from the leading implementation.

Official test vectors are not always available, even in this day and age. If they are, they may not be complete in the sense that they would cover all possible code paths. Never just test against test vectors and think your implementation is sound or secure if they succeed; provide good coverage and remember to test your own corner cases.

Maarten Bodewes
  • 96,351
  • 14
  • 169
  • 323
3

Maarten's answer is totally right, but I would like to add a very convenient link:

The python library pyca features a Test vectors page in their documentation, which gives a very nice overview of test vector sources for all the schemes they have implemented.

Niklas
  • 103
  • 2
mat
  • 2,558
  • 1
  • 14
  • 28