On 7/18/13 4:36 AM, Tor Erling Bjørstad wrote:
What makes HC-* interesting to me is that it's pretty much as fast as one gets it, for a strong pure software cipher encrypting long streams of data. If one has a limited number of data streams that are pushing a huge number of bits over the wire, HC-* seems pretty appealing. If the use-case instead involves a zillion independent short packets that all need to be encrypted with a unique key/IV combo, then HC's performance will indeed suck.
It's the perennial problem that cryptographers design for theoretical scenarios. That's why it's better not to let them design net protocols. The average packet used to be 41 bytes. I think I read its now ~43 bytes, but even the average HTTP GET is ~600 bytes. Did they define operating for an actual traditional longer-term key with a per packet IV? If not, I'll just use my usual one. _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography