Re: AES counter mode

Thu, 26 Jun 2003 11:13:16 -0700 

In message <[EMAIL PROTECTED]> on Thu, 26 Jun 2003 12:55:22 -0400, "Lee Dilkie" 
<[EMAIL PROTECTED]> said:

lee_dilkie> What I was trying (unsuccessfully) to make a point
lee_dilkie> about. Please don't code up your CTR mode to *just* do the
lee_dilkie> NIST or Ipsec version of CTR mode. Please code a general
lee_dilkie> CTR mode that can accommodate all the versions (including
lee_dilkie> SRTP). I believe this is quite easy to do and does not
lee_dilkie> require any special handling. That way, I can use your
lee_dilkie> routines rather than my own, EVP-based, routines that
lee_dilkie> kinda hack EVP under the covers and are probably going to
lee_dilkie> be broken when I upgrade OSSL. :)

OK, I've been follownig this discussion for a while, and it's time I
ake action.  Basically, to provide for all the current and future ways
of handling the IV, I can see three alternatives:

- have the application provide a function that manipulates the IV.
- have the application specify exactly which part of the IV is the
  actual counter (in bit positions, or would byte positions be
  enough?).
- a combination of the two (that would make our code extract the
  counters bits and only give those to the provided function, which
  then does the increment in any way it wishes).

lee_dilkie> (the other thing to remember is that CTR can be used with
lee_dilkie> any block cipher, it's not limited to AES)

Absolutely.  However, since it's currently very obviously an
experimental field, and it was originally requested for AES, that's
where we currently have it.  Of course, if we had general mode
implementation instead of having them implemented with each algorithm,
things would be easier.  Unfortunately, we get bit by performance hits
if we do that (I think it was Steve who said he'd experimented with
things like that some time ago).

-- 
Richard Levitte   \ Tunnlandsvägen 3  \ [EMAIL PROTECTED]
[EMAIL PROTECTED]  \ S-168 36  BROMMA  \ T: +46-8-26 52 47
                    \      SWEDEN       \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis                -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/

Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to