cryptopANT(3cryptopANT)
NAME
cryptopANT - IP Address Anonymization Library
SYNOPSIS
#include <cryptopANT.h>
DESCRIPTION
The cryptopANT IP address anonymization library implements techniques for IPv4 and IPv6 address anonymization first described in:
- 'Prefix-Preserving IP Address Anonymization', Computer Networks, Volume 46, Issue 2, 7 October 2004, Pages 253-272, Elsevier.
commonly known as Crypto-PAn.
This implementation is provided by the USC/ISI ANT project: http://ant.isi.edu
API Overview
int scramble_init_from_file(const char *keyfile, scramble_crypt_t c4, scramble_crypt_t c6, int *do_mac)
- Initializes the library from a keyfile and sets up the underlying cryptographic mechanism for scrambling IPv4 (c4) and IPv6 (c6) addresses. See scramble_crypt_t for possible values of c4 and c6. Typically used are SCRAMBLE_NONE for no scrambling, or SCRAMBLE_AES for scrambling using the fast AES cipher. SCRAMBLE_BLOWFISH uses the Blowfish cipher; while previously widely used, it is no longer recommended, as scrambling of IPv6 addresses can be very slow. If the keyfile does not exist, it is created. This function internally calls scramble_readstate() and scramble_init(). Returns 0 if successful.
int32_t scramble_ip4(uint32_t input, int pass_bits)
int32_t unscramble_ip4(uint32_t input, int pass_bits)
- Scrambles or unscrambles the (input) IP address, passing through the first (pass_bits) bits; the scrambled IP address is returned. Note that even if (pass_bits) is 0, the first few bits are passed through to preserve the class of the input IP. Both input and output IPs are in network byte order. Note that unscrambling is a costly operation, and unscrambling a large number of different addresses can take a long time.
void scramble_ip6(struct in6_addr *input, int pass_bits)
void unscramble_ip6(struct in6_addr *input, int pass_bits)
- Scrambles or unscrambles the IPv6 address pointed to by (input) in place, passing through the first (pass_bits) bits. Addresses are in network byte order. Note that unscrambling is a costly operation, and unscrambling a large number of different addresses can take a long time.
int scramble_readstate(const char *keyfile, scramble_state_t *s)
int scramble_savestate(const char *keyfile, const scramble_state_t *s)
- These functions read scrambling keys from (keyfile) into the memory pointed to by (s), or save a previously initialized state (s) to (keyfile). After the state is read, the library still needs to be initialized by calling scramble_init(). Return 0 on success.
int scramble_init(const scramble_state_t *s)
- Initializes the library using the state pointed to by (s). Returns 0 on success.
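The prefix-preserving construction from the Crypto-PAn paper that scramble_ip4() and unscramble_ip4() expose, as an added sketch that is not cryptopANT's own code: output bit i is input bit i XORed with a keyed function of the first i input bits. The names pp_scramble, pp_unscramble and common_prefix_len are hypothetical, a simple integer mixer stands in for the AES cipher, and addresses are host-order integers without the library's class-preserving pass-through.

```c
#include <stdint.h>
#include <stdio.h>

/* Stand-in keyed bit function (integer mixer). NOT a secure PRF;
 * Crypto-PAn uses a real block cipher such as AES at this step. */
static unsigned toy_prf_bit(uint64_t key, uint32_t prefix, int len) {
    uint64_t z = key ^ (((uint64_t)len << 32) | prefix);
    z = (z ^ (z >> 30)) * 0xbf58476d1ce4e5b9ULL;
    z = (z ^ (z >> 27)) * 0x94d049bb133111ebULL;
    return (unsigned)((z ^ (z >> 31)) & 1u);
}

/* Top `len` bits of addr with the rest zeroed (len in 0..32). */
static uint32_t top_bits(uint32_t addr, int len) {
    return len == 0 ? 0 : addr & (0xffffffffu << (32 - len));
}

/* Bits before pass_bits are copied; every later bit is flipped or kept
 * depending only on the original bits to its left. Host byte order. */
uint32_t pp_scramble(uint64_t key, uint32_t addr, int pass_bits) {
    uint32_t out = addr;
    for (int i = pass_bits; i < 32; i++)
        if (toy_prf_bit(key, top_bits(addr, i), i)) out ^= 0x80000000u >> i;
    return out;
}

/* Inverse: bit i can only be undone once the original bits 0..i-1 are
 * known, so recovery proceeds strictly left to right. */
uint32_t pp_unscramble(uint64_t key, uint32_t anon, int pass_bits) {
    uint32_t orig = anon;
    for (int i = pass_bits; i < 32; i++)
        if (toy_prf_bit(key, top_bits(orig, i), i)) orig ^= 0x80000000u >> i;
    return orig;
}

/* Number of leading bits two addresses have in common. */
int common_prefix_len(uint32_t a, uint32_t b) {
    int n = 0;
    for (uint32_t d = a ^ b; n < 32 && !(d & 0x80000000u); d <<= 1) n++;
    return n;
}

int main(void) {
    const uint64_t key = 0x0123456789abcdefULL;      /* constructed key */
    uint32_t a = 0xC000020Au, b = 0xC000024Du;       /* 192.0.2.10, 192.0.2.77 */
    uint32_t sa = pp_scramble(key, a, 0), sb = pp_scramble(key, b, 0);
    printf("shared prefix before: %d, after: %d\n",
           common_prefix_len(a, b), common_prefix_len(sa, sb));
    return 0;
}
```

Because shared prefixes survive scrambling, subnet structure in a trace stays analyzable, and for the same reason anyone who learns one real address behind a scrambled one also learns how many leading bits every other address shares with it.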
SEE ALSO
scramble_ips
- is a binary for anonymizing textual IP addresses, which comes packaged with this library.
AUTHORS
The cryptopANT library was written by
- Yuri Pradkin,
- University of Southern California, Information Sciences Institute, CA.
The current version is available from "ANT Project"'s Web site at
BUGS
Please send problems, bugs, questions, desirable enhancements, etc. to:
ant@isi.edu
2024-01-24