Re: Cohen's paper on byte order

From: Eugene Starokoltsev (eugene_o@gmx.net)
Date: 04/06/03


From: eugene_o@gmx.net (Eugene Starokoltsev)
Date: 6 Apr 2003 05:54:09 -0700


"Douglas A. Gwyn" <DAGwyn@null.net> wrote in message news:<3E8F6055.8000401@null.net>...
> Mok-Kong Shen wrote:
> > But is that a problem 'specific' to AES??
>
> Yes! Haven't you been paying attention? Other
> protocol specs for information interchange are
> careful to spell out all the details necessary
> for correct communication of the formatted data.
> AES does not. It is missing an essential
> component. Putting it another way, it was an
> excess of abstraction to change the specification
> from the original one, that concerned bits in
> storage, into one about abstract mathematical
> objects without a definite mapping between the
> abstract objects and actual storage objects.
> The connection with reality was thereby lost.

I can't agree with you. Indeed AES is just a solid block to create
strong cryptographic systems. AES does not define a lot of essential
components for reliable secure unambiguous communication, starting
from modes of operation and ending by characters encoding. But it is
not a defect of AES as a standard - you just need to use another
standards together with AES or define yours.

AES is defined on a sequences of 128 bits only as data and a sequence
of 128, 192 or 156 bits as a key. This definition is very unambiguous
and consistent - exectly what I need from a standard. In addition,
Rijndael structure is so as all combinations of bit and byte
endiannesses in the communacation channel and endianness of the
hardware executing the algorithm lead to implementations of equal
complexity - it was a goal of Rijndael's authors.

Note that "external interface" of SHA-1 is defined on bit sequences
only too.

BTW thinking of "files" as just sequences of bytes is common for Unix
world but is not a universal constant. So the "reality" is not a
well-defined term :)



Relevant Pages

  • Re: Cohens paper on byte order
    ... > Brian Gladman wrote: ... >> will claim that we can move bytes as bit sequences between machines without ... place it into AES FIPS as a requirement for implementation interface. ... AES is not information-exchange standard as it does not specify how ...
    (sci.crypt)
  • Re: Cohens paper on byte order
    ... > In my view AES implementations in software are tested using the external ... > byte array interface at which the bit sequence test vectors are applied or ... Hence the bit sequences referred to in the document ... an 8-bit units which AES calls a 'byte' in Fig.2 ...
    (sci.crypt)
  • Re: Cohens paper on byte order
    ... than early implementers of AES seem to have decided, ... of bit sequences. ... You further confused the issue in your rehash by ...
    (sci.crypt)
  • Re: Cohens paper on byte order
    ... sequences - there are sequences of bits written left to right and numbered ... Now let us assume that it is going to be treated as a little endian number - ... All that people want is that the FIPS should actually make it clear that AES ...
    (sci.crypt)
  • Re: Cohens paper on byte order
    ... > Why not make manufacturer t's depiction look like this: ... between different hardware. ... and as such is NOT in the proper domain of AES. ... > for this in the AES standard. ...
    (sci.crypt)