Hi list,

This should be a pretty simple question for this list, so please pardon my ignorance. But better to ask than to continue in ignorance. :-)

NIST refers to "combined" cipher modes as those supporting *both* authenticity and confidentiality, such as GCM and CCM. So my first question: Are there ANY "combined" cipher modes for block ciphers that do not cause the ciphers to act as a key stream? (That seems to be because most of the ones I found build the confidentiality piece around CTR mode.) If "yes", please name a few (especially those with no patent restrictions).

I know that when you have a cipher that acts in a streaming mode, you need to be careful to use a unique IV for every encryption performed with the same key. So my second question is, if all the "combined" cipher modes cause a cipher to act as if it is in a streaming mode, is it okay to just choose a completely RANDOM IV for each encryption? Because it sure doesn't seem to be feasible to record all the IVs for a given key to make sure that an IV isn't reused. If that is not acceptable, then how does one ever address this?

Thanks,
-kevin

--
Blog: http://off-the-wall-security.blogspot.com/
"The most likely way for the world to be destroyed, most experts agree, is by accident. That's where we come in; we're computer professionals. We *cause* accidents." -- Nathaniel Borenstein

_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
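A worked example added here (not part of Kevin's post or any reply on the list) that puts the second question in code: AES-GCM from Go's standard library with a fresh random 96-bit nonce per message, the nonce carried in front of the ciphertext so nothing has to be remembered per key, plus the birthday approximation that says how many random nonces one key can absorb before the collision probability reaches a chosen bound. The key bytes and messages are constructed for the demo; the package, function names and the 2^-32 target probability are this example's choices, not anything from the thread.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
	"math"
)

// Seal encrypts plaintext with AES-GCM under a freshly generated random
// 96-bit nonce and returns nonce || ciphertext || tag, so the receiver
// never has to be told the nonce out of band.
func Seal(key, plaintext, aad []byte) ([]byte, error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	// crypto/rand is the OS CSPRNG. A random nonce is exactly the option
	// the question asks about; the birthday bound below says how far it is safe.
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	// Seal appends its output to the first argument, so passing the nonce
	// as dst yields nonce || ct || tag in one allocation.
	return aead.Seal(nonce, nonce, plaintext, aad), nil
}

// Open splits off the nonce, then authenticates and decrypts. Any change to
// the nonce, ciphertext, tag or AAD makes it fail before releasing plaintext.
func Open(key, msg, aad []byte) ([]byte, error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	if len(msg) < aead.NonceSize()+aead.Overhead() {
		return nil, errors.New("message too short to hold nonce and tag")
	}
	nonce, ct := msg[:aead.NonceSize()], msg[aead.NonceSize():]
	return aead.Open(nil, nonce, ct, aad)
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // key must be 16, 24 or 32 bytes
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block) // 96-bit nonce, 128-bit tag
}

// CollisionProbability approximates the chance that at least two of n
// uniformly random nonces of the given bit width coincide: n(n-1)/2 pairs,
// each colliding with probability 2^-bits (birthday approximation).
func CollisionProbability(n float64, bits int) float64 {
	return n * (n - 1) / 2 / math.Pow(2, float64(bits))
}

// MaxMessages inverts that bound: the largest n for which the collision
// probability stays at or below p, i.e. n ~ sqrt(2 * p * 2^bits).
func MaxMessages(bits int, p float64) float64 {
	return math.Floor(math.Sqrt(2 * p * math.Pow(2, float64(bits))))
}

func main() {
	// Constructed demo key; a real key comes from a KDF or key store.
	key := make([]byte, 32)
	for i := range key {
		key[i] = byte(i)
	}
	pt := []byte("combined modes give authenticity and confidentiality")
	msg, err := Seal(key, pt, []byte("header"))
	if err != nil {
		panic(err)
	}
	// GCM is CTR underneath: the ciphertext is plaintext-length, plus the
	// 12-byte nonce we prepended and the 16-byte tag.
	fmt.Printf("plaintext %d bytes, nonce||ct||tag %d bytes\n", len(pt), len(msg))
	back, err := Open(key, msg, []byte("header"))
	fmt.Printf("decrypted %q, err=%v\n", back, err)
	// With random 96-bit nonces, how many messages per key before the
	// collision probability reaches 2^-32, and where does 2^32 messages land?
	fmt.Printf("messages per key at p=2^-32: %.0f\n", MaxMessages(96, math.Pow(2, -32)))
	fmt.Printf("p after 2^32 messages: %.3g\n", CollisionProbability(math.Pow(2, 32), 96))
}
```

The answer the code gives is the usual one: a random 96-bit nonce is fine as long as the number of messages under one key stays well inside the birthday bound (a few billion for a 2^-32 collision probability), and since the nonce travels with the ciphertext there is nothing to record. Past that volume the options are a counter-based nonce with durable state, a fresh key (key rotation or per-message derived keys), or a mode with a wider nonce.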
