Re: ADVERT: Secure communications.
From: Benjamin Choi (nospam_at_technosoft21.com)
Date: 11/05/03
- In reply to: Michael Amling: "Re: ADVERT: Secure communications."
Date: 4 Nov 2003 18:57:19 -0800
Michael Amling <nospam@nospam.com> wrote in message news:<_LOpb.11586$8x2.6038298@newssrv26.news.prodigy.com>...
> Benjamin Choi wrote:
> > ggr@qualcomm.com (Gregory G Rose) wrote in message news:<bo74hh$4bu@qualcomm.com>...
> >
> >>AES in CTR mode *is* a stream cipher, so your
> >>advice to avoid stream ciphers because of
> >>potential misuse applies identically to your own
> >>recommendation. Anyway, if you need message
> >>integrity, you really need it; there are no
> >>acceptable half-measures.
> >>
> >>Greg
> >
> >
> > What I meant was: if you really need to use a stream cipher, AES-CTR
> > is a good choice (because of its huge keystream period, high exposure
> > to cryptanalysis and speed) rather than an unknown, unanalysed
> > algorithm like Leopard14 or my own ad hoc stream cipher algorithm. But
> > I prefer not to use stream ciphers since there is the risk of message
> > integrity attacks. I would prefer, say, AES or Twofish in CBC mode.
>
> A MAC applied to a stream cipher's ciphertext will assure its
> integrity just as well as a MAC applied to a CBC ciphertext.
>
> --Mike Amling
OK, thanks.
I have lots to learn. ;)
-- Benjamin Choi
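
The point made in this thread, that a stream cipher's ciphertext can be altered in transit unless a MAC covers it, shown as an added example that is not part of any poster's message. It assumes an HMAC-SHA256 counter-mode keystream as a stand-in for AES-CTR so it runs with the standard library only; all function names and the sample message are constructed for illustration.

```python
import hashlib
import hmac
import os

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Stand-in stream cipher (assumption): HMAC-SHA256(key, nonce || counter)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(8, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def seal(enc_key: bytes, mac_key: bytes, plaintext: bytes):
    """Encrypt-then-MAC: the tag covers the nonce and the ciphertext."""
    nonce = os.urandom(16)  # must never repeat under the same enc_key
    ct = xor(plaintext, keystream(enc_key, nonce, len(plaintext)))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce, ct, tag

def open_sealed(enc_key, mac_key, nonce, ct, tag) -> bytes:
    """Verify the tag in constant time before any decryption happens."""
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("MAC check failed: ciphertext was modified")
    return xor(ct, keystream(enc_key, nonce, len(ct)))

def demo():
    enc_key, mac_key = os.urandom(32), os.urandom(32)  # independent keys
    msg = b"PAY 0100 TO ALICE"  # constructed sample message
    nonce, ct, tag = seal(enc_key, mac_key, msg)
    # Simulated in-transit change: XOR a difference into bytes 4..7, no key used.
    delta = xor(b"0100", b"9100")
    tampered = ct[:4] + xor(ct[4:8], delta) + ct[8:]
    # Without a MAC the receiver decrypts the altered bytes and cannot tell.
    without_mac = xor(tampered, keystream(enc_key, nonce, len(tampered)))
    try:
        open_sealed(enc_key, mac_key, nonce, tampered, tag)
        rejected = False
    except ValueError:
        rejected = True
    return without_mac, rejected, open_sealed(enc_key, mac_key, nonce, ct, tag)
```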