On Sun, 10 Dec 2000, Rodney Thayer wrote: > P.s, when he spoke at Stanford I asked about patents and he said > it was patented, and he said NIST is trying to get them to put it > in the public domain. There are slides for it online at http://csrc.nist.gov/encryption/aes/modes/slides-jutla/index.htm it's not hard to figure it out just from the slides - there are actually two methods given, one which requires an extra lg(n) encryptions and one which requires two extra encryptions but has a bunch of modular arithmetic. Rijndael is so fast I suspect the second one might not prove all that useful. It really does, as advertized, offer MAC for almost no overhead, and parallelization for free. It would be a shame for these modes to not get used because of stupid patent bullshit. -Bram Cohen (who thinks doing the xors as a gray code instead of binary countup was a nice touch.)
- IBM press release - encryption and authentication P.J. Ponder
- Re: IBM press release - encryption and authent... Bram Cohen
- Re: IBM press release - encryption and aut... Paulo S. L. M. Barreto
- Re: IBM press release - encryption and... Bram Cohen
- Re: IBM press release - encryption... David Honig
- Re: IBM press release - encryption and aut... Rodney Thayer
- Re: IBM press release - encryption and... Bram Cohen
- Re: IBM press release - encryption... Nikita Borisov
- Re: IBM press release - encry... Greg Rose
- Re: IBM press release - e... Nikita Borisov
- Re: IBM press release - encryption and aut... Rich Salz
- Re: IBM press release - encryption and... Bram Cohen
- Re: IBM press release - encryption and... Paul Crowley
- Re: IBM press release - encryption and authent... Steven M. Bellovin
- Re: IBM press release - encryption and aut... Enzo Michelangeli
- Re: IBM press release - encryption and... Nikita Borisov
- Re: IBM press release - encryption... Bram Cohen
