Encryption in MOSVM and MOSREF

MOSVM has encryption tools built-in. The two currently available standards are AES (see <aes-key>) and ECDH (see <ecdh-key>).

Fortuna Pseudo Random Number Generator (Fortuna PRNG)

While MOSVM has access to the host environment's entropy pool, either via /dev/urandom or the Microsoft Cryptographic Services Provider, entropy is a scarce resource. MOSVM employs the Fortuna PRNG, among others, to extend the usefulness of the entropy pool, without significantly reducing its strength, when padding plaintext to match cipher block sizes.

Advanced Encryption Standard (AES)

MOSVM provides the AES block cipher, with key sizes up to 256 bits, which is sufficient to satisfy the NSA's more stringent Suite B requirements.

Elliptic Curve Diffie-Hellman (ECDH)

MOSVM provides the ECDH Key Agreement Protocol as a secure means of determining an ephemeral key by use of a disclosable public ECDH key. In many contexts, key agreement via ECDH can be considered safer than key exchange via RSA.