Hi Herbert.
On Thu, Nov 22, 2007 at 04:47:58PM +0800, Herbert Xu ([EMAIL PROTECTED]) wrote:
> This series of patches introduces IV generators which can be
> accessed through the givcrypt operation on block ciphers (other
> than crypto_blkcipher which should not be used for new code).
>
> The givcrypt operation is identical to encrypt except that the
> IV is generated by the algorithm instead of given by the user.
>
> Algorithms can either provide their own IV generator or (as
> most will do) use the default IV generators provided by the
> system. If no IV generator is specified by the system, then
> chainiv will be used for synchronous algorithms and eseqiv will
> be used for asynchronous algorithms.
>
> Counter mode algorithms (which include some stream ciphers) must
> choose something other than the default to ensure uniqueness for
> the IV.
Idea and implementation look very good, I have a couple of comments on
patches and one generic comment here: you absolutely have to write at
least bits of documentation for these new interfaces, how they behave and
who should use them and how :)
--
Evgeniy Polyakov