I see that with the release of Crypto++ 3.2 there was an endian bug corrected in the implementation of Serpent.
Has anyone since then tested the implementation against the KATs from the serpent web page (http://www.cl.cam.ac.uk/~rja14/serpent.html)? I noticed that while Crypto++ 5 will pass its -v test against the serpentv.dat file, it doesn't pass the KATs from the serpent web page (at least not for me). Further an implementation of serpent (GNU Crypto) that does pass all the KATs from the serpent web page doesn't pass the serpentv.dat file (at least not for me). Is there something that I am missing? Or is there an endian bug in crypto++ 5's implementation? The only differences between Crypto++'s implementation and GNU Crypto's is the ordering of the key, input blocks, and output blocks. Anyways... Here are some KATs from the serpent homepage. Can anyone else get Crypto++ to pass these? Is there something else I am missing? KEY=00000000000000000000000000000000 PT =80000000000000000000000000000000 CT =10b5ffb720b8cb9002a1142b0ba2e94a KEY=80000000000000000000000000000000 PT =00000000000000000000000000000000 CT =49afbfad9d5a34052cd8ffa5986bd2dd KEY=008000000000000000000000000000000000000000000000 PT =00000000000000000000000000000000 CT =5587b5bcb9ee5a28ba2bacc418005240 Thanks Sean
