I agree that CFB1 and CFB8 are not too useful. But I presume that CFB128, CFB192 and CFB256 with plaintext sizes of 16 octets or greater should be OK? Chris Brook
-----Original Message----- From: Richard Levitte - VMS Whacker [mailto:[EMAIL PROTECTED]] Sent: Monday, October 07, 2002 4:17 PM To: [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: NIST AES Validation In message <001101c26e28$d85e6f90$[EMAIL PROTECTED]> on Mon, 7 Oct 2002 13:42:01 -0400, "Chris Brook" <[EMAIL PROTECTED]> said: cbrook> I have been running the NIST AES Algorithm Validation Suite cbrook> (AVS) using the OpenSSL crypto library and all the results for cbrook> all the modes come out as predicted, except for CFB 1-bit cbrook> which is not supported by OpenSSL and CFB 8-bit which returns cbrook> a "wrong" result. CFB 128-bit is fine. No surprise there, only CFB-128 is implemented. If you look at other algorithms that also implement a CFB mode, you will see that only the CFB variant with the same feedback blocksize as the algorithm in question is implemented. That's how Eric Young did it, and honestly, I didn't find any reason for doing it differently for AES, as it seem like the existing implementations are all that are used in SSL (which is basically what sets the first requirements). If you can point out where there would be a practical use for 1-bit or 8-bit CFB, we might reconsider. -- Richard Levitte \ Spannv�gen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 \ SWEDEN \ or +46-708-26 53 44 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Unsolicited commercial email is subject to an archival fee of $400. See <http://www.stacken.kth.se/~levitte/mail/> for more info. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
