On 15 August 2013 09:21, Tomas Mraz <tm...@redhat.com> wrote:
> Hello OpenSSL developers,
>
> in a review of the AES GCM code it was found that there might be some
> requirements that are placed by SP800-38D document missing.
>
> Especially there is no checking that the key is not used with more than
> 2^32 different IV values. Did I overlook it and the test is there? Or is
> the test not needed because in real life situation this cannot happen? I
> suppose it might happen if the key is not renegotiated during lengthy
> connections with transfer of data in TB range?
>
How would you propose that the code tests this property?

> --
> Tomas Mraz
> No matter how far down the wrong road you've gone, turn back.
>                                               Turkish proverb
> (You'll never know whether the road is wrong though.)
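
One way a caller could track the 2^32 limit raised above, as an added example that is not part of the original thread and not OpenSSL code: a per-key counter that refuses to hand out another IV once the budget is spent. The `gcm_iv_state` type, its functions and the fixed-field/counter IV layout are assumptions made for illustration.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical wrapper, not an OpenSSL type: per-key IV bookkeeping. */
#define GCM_MAX_INVOCATIONS (UINT64_C(1) << 32)  /* limit cited in the thread */

typedef struct {
    uint8_t  fixed[4];     /* fixed field identifying this sender/context */
    uint64_t invocations;  /* IVs already issued under the current key */
    uint64_t limit;        /* normally GCM_MAX_INVOCATIONS */
} gcm_iv_state;

/* Call whenever a new key is installed: the budget restarts with the key. */
void gcm_iv_rekey(gcm_iv_state *s, const uint8_t fixed[4], uint64_t limit)
{
    memcpy(s->fixed, fixed, 4);
    s->invocations = 0;
    s->limit = limit;
}

/* Writes the next 96-bit IV (fixed field || 64-bit big-endian counter).
 * Returns 1 on success, 0 when the key has used up its budget; the caller
 * must then renegotiate the key instead of encrypting. */
int gcm_iv_next(gcm_iv_state *s, uint8_t iv[12])
{
    if (s->invocations >= s->limit)
        return 0;                       /* fail closed: no IV, no encryption */
    memcpy(iv, s->fixed, 4);
    for (int i = 0; i < 8; i++)
        iv[4 + i] = (uint8_t)(s->invocations >> (56 - 8 * i));
    s->invocations++;
    return 1;
}

/* Invocations still allowed under this key, so a caller can schedule a
 * renegotiation before the hard stop. */
uint64_t gcm_iv_remaining(const gcm_iv_state *s)
{
    return s->limit - s->invocations;
}
```

Because the counter doubles as the IV's invocation field, every IV issued under one key is distinct, and the check costs one comparison per record.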