Actually, SRTP was the first time I saw CTR mode and I believe it predates NIST (i could be waaaay wrong there).
In SRTP, the counter is only 16 bits but that doesn't limit them to only encrypting 64K blocks of data, it only limits them to 64K blocks *in one rtp(udp) packet*. Obviously this isn't a limit as a udp packet cannot get that big. The "nouce" part is modified for each packet (based on info in the rtp header), so you can see there is no issue with counter overflow. What I was trying (unsuccessfully) to make a point about. Please don't code up your CTR mode to *just* do the NIST or Ipsec version of CTR mode. Please code a general CTR mode that can accommodate all the versions (including SRTP). I believe this is quite easy to do and does not require any special handling. That way, I can use your routines rather than my own, EVP-based, routines that kinda hack EVP under the covers and are probably going to be broken when I upgrade OSSL. :) (the other thing to remember is that CTR can be used with any block cipher, it's not limited to AES) regards, -lee > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Stephen Sprunk > Sent: Thursday, June 26, 2003 10:57 AM > To: [EMAIL PROTECTED] > Subject: Re: AES counter mode > > > Thus spake "Michael Sierchio" <[EMAIL PROTECTED]> > > Argument: let's write an Internet draft that describes the > use of AES CTR > > mode in SSLv3/TLSv1. We can do it however we like, modulo the usual > > criticism and review in the IETF working group(s). > > > > Comments? Rich? Richard? Stephen? > > I'm a bit more ambitious... We should specify NIST-style CTR > mode for all > octet stream applications within the IETF's domain, with SSL/TLS as an > example. For record-based systems, I don't know if NIST-style or > IPsec-style would be more appropriate :-( > > Can someone explain why the IPsec folks felt they needed to > reimplement CTR > mode, especially in a way which appears to create more problems? > > S > > Stephen Sprunk "God does not play dice." --Albert Einstein > CCIE #3723 "God is an inveterate gambler, and He throws the > K5SSS dice at every possible opportunity." --Stephen Hawking > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List [EMAIL PROTECTED] > Automated List Manager > [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
