Re: Electronic Codebook/Cipher Block Chaining/Cipher Feedback/ Output Feedback
From: Tom St Denis (tomstdenis_at_iahu.ca)
Date: 12/30/03
Date: Tue, 30 Dec 2003 15:15:03 GMT
"Benjamin Choi" <nospam@technosoft21.com> wrote in message
news:7eeb3109.0312300142.4b25e967@posting.google.com...
> > Generally though if you're trying to sell [not always in the $$$ sense] a
> > cryptosystem you will want to use a standard algorithm. Sure MARS is
> > popular but AES is much more popular [specially amongst non-nerds, the types
> > you'd have to sell it to anyways].
>
> Maybe he's not going to sell it? In any case, it doesn't really matter
> which block cipher you use as long as it's reasonably strong. If it's
> a standard, that's a good bonus.
Didn't I just say "not always in the $$$ sense"? Replace "sell" with "convince
people to use".
Plus AES has had wickedly more attention than MARS [which makes it a good
idea to use AES over MARS].
> > Um, CFB mode has an IV just like CTR [and it has to be unique also]. If you
> > mean incrementing the counter that's trivial to do [hint: LTC has CTR code
> > ;)]
> >
> > CTR has the benefit [over CFB] of seekability and a known period.
> How about CBC? CBC works fine with a constant IV, and you don't have
> to worry about periods. The only problem is that you may have to do
> some padding. Probably you could pad with random bits, but first
> measure the plaintext length as a 128-bit integer, encrypt it and send
> it as an extra block. Then you can snip out the padding after
> decryption easily.
Still CTR has seekability over CBC [and error recovery].
> > Having a cipher conform to test vectors means little about the overall
> > security. For instance, my early work [like Peekboo] didn't conform to test
> > vectors but I doubt it was overly insecure [I dunno if I had a MAC on the
> > DCC system...].
> If you use a good protocol (such as SSL/TLS) and mode (such as CBC),
> and the block cipher used is public and known to be quite strong and
> conforms to test vectors, I don't see what can go wrong.
Many things can go wrong. You could invoke the library wrong, you could
handle your secrets wrong, you can assign trust wrong, ...
> > > > [Cheap plug, my LibTomCrypt implements basically all of the algorithms and
> > > > protocols you will need to implement most cryptosystems].
> > > As I wrote above... :)
> >
> > LibTomCrypt isn't a cryptosystem. It's a library of cryptographic
> > algorithms.
> But it would be good if everyone wrote a library of cryptographic
> algorithms to learn how they work. One could even learn about
> diffusion structures, etc.
Hmm, I'd argue otherwise. A crypto library is a lot of work, most of which
doesn't have to do with cryptanalysis [at all]. If you want to learn
cryptanalysis read papers, implement the attacks, etc...
Writing a crypto library is more of an exercise in software development than
anything else.
Tom
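
Added example, not part of the original post: a small CTR-mode sketch showing the three properties the thread mentions (the IV must be unique, any offset can be decrypted directly, and a damaged ciphertext byte damages only the matching plaintext byte). It assumes HMAC-SHA256 truncated to 16 bytes as a stand-in for the block cipher; all function names, keys and messages are constructed for illustration, and this is not LibTomCrypt's CTR code.

```python
import hashlib
import hmac

BLOCK = 16  # keystream block size in bytes


def keystream_block(key: bytes, nonce: bytes, counter: int) -> bytes:
    # Assumption: a keyed PRF stands in for E_k(nonce || counter).
    # CTR only ever uses the forward direction, so a PRF is enough here.
    msg = nonce + counter.to_bytes(8, "big")
    return hmac.new(key, msg, hashlib.sha256).digest()[:BLOCK]


def ctr_xor(key: bytes, nonce: bytes, data: bytes, offset: int = 0) -> bytes:
    """Encrypt or decrypt `data`, which begins at byte `offset` of the stream."""
    out = bytearray(len(data))
    block_no, ks = -1, b""
    for i, byte in enumerate(data):
        pos = offset + i
        if pos // BLOCK != block_no:  # crossed into a new keystream block
            block_no = pos // BLOCK
            ks = keystream_block(key, nonce, block_no)
        out[i] = byte ^ ks[pos % BLOCK]
    return bytes(out)


def seek_decrypt(key, nonce, ciphertext, start, length):
    # Seekability: only the blocks covering [start, start+length) are computed.
    return ctr_xor(key, nonce, ciphertext[start:start + length], offset=start)


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def damaged_positions(expected: bytes, got: bytes) -> list:
    # Error recovery: indices where the decryption differs from the original.
    return [i for i, (x, y) in enumerate(zip(expected, got)) if x != y]


if __name__ == "__main__":
    key, nonce = b"K" * 16, b"N" * 8               # constructed sample values
    p1 = b"transfer 100 to account 12345678"
    p2 = b"transfer 999 to account 87654321"
    c1, c2 = ctr_xor(key, nonce, p1), ctr_xor(key, nonce, p2)
    print(seek_decrypt(key, nonce, c1, 9, 3))       # bytes 9..11 only
    # Reused nonce: the keystream cancels, leaving plaintext XOR plaintext.
    print(xor_bytes(c1, c2) == xor_bytes(p1, p2))
    bad = bytearray(c1)
    bad[20] ^= 0x01                                 # one damaged byte
    print(damaged_positions(p1, ctr_xor(key, nonce, bytes(bad))))
```
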