In message <[EMAIL PROTECTED]> on Thu, 26 Jun 2003 13:31:37 -0700, Michael Sierchio <[EMAIL PROTECTED]> said:
kudzu> Richard Levitte - VMS Whacker wrote:
kudzu>
kudzu> > OK, I've been following this discussion for a while, and it's time I
kudzu> > take action. Basically, to provide for all the current and future ways
kudzu> > of handling the IV, I can see three alternatives:
kudzu> >
kudzu> > - have the application provide a function that manipulates the IV.
kudzu> > - have the application specify exactly which part of the IV is the
kudzu> >   actual counter (in bit positions, or would byte positions be
kudzu> >   enough?).
kudzu> > - a combination of the two (that would make our code extract the
kudzu> >   counter bits and only give those to the provided function, which
kudzu> >   then does the increment in any way it wishes).
kudzu>
kudzu> There's no need for an IV for SSL/TLS encryption with AES CTR mode.
kudzu> All that's needed is a counter, and a mechanism to prevent using
kudzu> more than 2^38 or so bytes of keystream without changing the key.

Whatever, I used the terms like this:

- IV is a bitstring of some sort (possibly random), of the same size
  as the crypto algorithm block. In the AES case, it would be 128
  bits.
- For CTR mode, the counter is a part of the IV. The rest of the IV
  is some kind of random bits (a nonce).

Those are the conditions I'm working from. Makes sense?

kudzu> > lee_dilkie> (the other thing to remember is that CTR can be used with
kudzu> > lee_dilkie> any block cipher, it's not limited to AES)
kudzu> >
kudzu> > Absolutely.
kudzu>
kudzu> Not quite. You want to be sure to use block ciphers that are
kudzu> differentially strong. AES is particularly well-suited.

Point.

--
Richard Levitte \ Tunnlandsvägen 3 \ [EMAIL PROTECTED]
[EMAIL PROTECTED] \ S-168 36 BROMMA \ T: +46-8-26 52 47
\ SWEDEN \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/

Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
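The second alternative in the message above (the application says which bytes of the 128-bit IV are the counter), sketched as an added example that is not part of the original message and is not OpenSSL code. The names `ctr_increment_partial` and `demo_next`, the big-endian counter layout and the 12-byte nonce / 4-byte counter split are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BLOCK_LEN 16 /* AES block size in bytes (128 bits) */

/* Hypothetical helper, not an OpenSSL function.
 * Treats iv[ctr_off .. ctr_off+ctr_len-1] as a big-endian counter and adds 1.
 * Bytes outside that range (the nonce) are never written.
 * Returns 0 on success, -1 on bad arguments, and 1 if the counter wrapped to
 * zero: the next block would reuse keystream, so the caller must rekey. */
int ctr_increment_partial(uint8_t *iv, size_t ctr_off, size_t ctr_len)
{
    size_t i;

    if (iv == NULL || ctr_len == 0 || ctr_off > BLOCK_LEN ||
        ctr_len > BLOCK_LEN - ctr_off)
        return -1;
    for (i = ctr_off + ctr_len; i-- > ctr_off; ) {
        if (++iv[i] != 0)
            return 0; /* no carry out of this byte */
    }
    return 1; /* carry out of the most significant counter byte */
}

/* Constructed sample: 12-byte nonce of 0xA5 followed by a 4-byte counter.
 * Returns the counter after one increment, -1 if it wrapped, -2 if any
 * nonce byte changed or the arguments were rejected. */
long long demo_next(uint32_t start)
{
    uint8_t iv[BLOCK_LEN], nonce[12];
    int rc;

    memset(nonce, 0xA5, sizeof nonce);
    memcpy(iv, nonce, sizeof nonce);
    iv[12] = (uint8_t)(start >> 24); iv[13] = (uint8_t)(start >> 16);
    iv[14] = (uint8_t)(start >> 8);  iv[15] = (uint8_t)start;
    rc = ctr_increment_partial(iv, 12, 4);
    if (rc < 0 || memcmp(iv, nonce, sizeof nonce) != 0)
        return -2;
    if (rc == 1)
        return -1;
    return ((long long)iv[12] << 24) | (iv[13] << 16) | (iv[14] << 8) | iv[15];
}
```

Reporting the wrap to the caller, rather than silently carrying into the nonce bytes, is what lets the application enforce a keystream limit before a counter block repeats under the same key.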