Re: ECB-Counter AES mode
- From: "Karl Malbrain" <malbrain@xxxxxxxxx>
- Date: Sat, 29 Nov 2008 09:23:51 -0800
"Blind Anagram" <nobody@xxxxxxxxxxx> wrote in message news:TvidnaJYt7tp9qzUnZ2dnUVZ8qbinZ2d@xxxxxxxxxxxxxxxxx
> "Kristian Gjøsteen" <kristiag+news@xxxxxxxxxxxx> wrote in message news:ggr4f1$522$1@xxxxxxxxxxxxxxxxxxxxxx
>> Karl Malbrain <malbrain@xxxxxxxxx> wrote:
>>> Is there an obvious weakness I'm overlooking in impressing a sequential
>>> counter value over the plain text block with XOR prior to AES encryption and
>>> removing the counter value after AES decryption?
>>
>> That depends on what your security goal is, that is, what you are trying
>> to achieve.
>>
>> Explain what you are trying to achieve and what you are doing to achieve
>> it, and perhaps someone can help.
>
> I agree - we really need to know why a range of existing and reasonably well studied encryption modes have been rejected in favour of a home grown mode.
>
> Designing secure encryption modes is _really_ hard so it should be a truly last resort, embarked on only when existing respected modes have been shown not to meet some essential application security requirement.

The application is an encrypted file with lots of redundancy (e.g. identical 16-byte segments) that is randomly read and written in blocks at given offsets. As I understand it, CTR mode by itself is insecure since the block number would be reused when updating a block.
Karl m
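
Added example, not part of the thread or any poster's code: it compares an in-place block update under CTR with the scheme described above (counter XORed into the plaintext before block encryption, removed after decryption). A 4-round Feistel network over HMAC-SHA256 stands in for AES so it runs on the Python standard library alone; the key, block contents, block indices and all function names are constructed for illustration.

```python
import hashlib, hmac

BLOCK = 16  # AES block size in bytes

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key, rnd, half):  # Feistel round function: truncated HMAC-SHA256
    return hmac.new(key, bytes([rnd]) + half, hashlib.sha256).digest()[:8]

def encrypt_block(key, block):
    # Stand-in for AES (assumption): 4-round Feistel permutation on 16 bytes.
    l, r = block[:8], block[8:]
    for rnd in range(4):
        l, r = r, xor(l, _f(key, rnd, r))
    return l + r

def decrypt_block(key, block):
    l, r = block[:8], block[8:]
    for rnd in reversed(range(4)):
        l, r = xor(r, _f(key, rnd, l)), l
    return l + r

def counter_block(index):
    return index.to_bytes(BLOCK, "big")

def ctr_encrypt(key, index, plaintext):
    # CTR: the keystream depends only on (key, block index).
    return xor(plaintext, encrypt_block(key, counter_block(index)))

def ecb_counter_encrypt(key, index, plaintext):
    # Scheme from the thread: XOR the counter into the plaintext, then encrypt.
    return encrypt_block(key, xor(plaintext, counter_block(index)))

def ecb_counter_decrypt(key, index, ciphertext):
    return xor(decrypt_block(key, ciphertext), counter_block(index))

def demo():
    key = b"constructed-key!"  # constructed sample key
    old, new = b"BALANCE=00000100", b"BALANCE=00009999"  # constructed blocks
    # CTR, same offset rewritten: ciphertext XOR equals plaintext XOR.
    ctr_leak = xor(ctr_encrypt(key, 7, old), ctr_encrypt(key, 7, new)) == xor(old, new)
    # ECB-counter: identical blocks at different offsets encrypt differently...
    hides_repeats = ecb_counter_encrypt(key, 7, old) != ecb_counter_encrypt(key, 8, old)
    # ...but blocks whose XOR equals the XOR of their indices still collide.
    shifted = xor(old, xor(counter_block(7), counter_block(8)))
    collision = ecb_counter_encrypt(key, 7, old) == ecb_counter_encrypt(key, 8, shifted)
    return ctr_leak, hides_repeats, collision

if __name__ == "__main__": print(demo())
```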