>From: Ian Grigg <[EMAIL PROTECTED]> >Sent: Oct 10, 2004 11:11 AM >To: Metzdowd Crypto <[EMAIL PROTECTED]> >Subject: AES Modes
>I'm looking for basic mode to encrypt blocks (using AES) >of about 1k in length, +/- an order of magnitude. Looking >at the above table (2nd link) there are oodles of proposed >ones. >It would be nice to have a mode that didn't also require >a separate MAC operation - I get the impression that >this is behind some of the proposals? I think CCM is just about perfect for this goal. The MAC isn't free, but it's integrated into the chaining mode. There are also some patented modes that provide a MAC for almost no extra computation(OCB, IACBC), and some proposed modes that combine an efficient, parallelizeable MAC with encryption in a secure way (CWC,GCM), though none of these are standards yet. >iang --John --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]