On Thu, 19 Apr 2007 22:32:58 -0700
Aram Perez <[EMAIL PROTECTED]> wrote:

> Hi Folks,
> 
> First, thanks for all your answers.
> 
> The proposal for using AES128-CBC with a fixed IV of all zeros is for
> a protocol between two entities that will be exchanging messages.
> This is being done in a "standards" body (OMA) and many of the
> attendees have very little security experience. As I mentioned, the
> response to my question of why would we standardize this was "that's
> how SD cards do it".
> 
> I'll look at the references and hopefully convince enough people that
> it's a bad idea.
> 
Let me make a stronger statement.  If the standards group has "very
little security experience", they *will* get many things wrong.  They
desperately need to get several clueful individuals involved and
*listen* to them.

The WEP group made that mistake.  I use WEP in my classes as a case
study in how to do crypto wrong.



                --Steve Bellovin, http://www.cs.columbia.edu/~smb

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to