On Sat, Jul 12, 2014, Jitendra Lulla wrote: > > > Based on the discussions on this thread so far, I now know that doing > xts with openssl enc command is not advisable. I should try some other > app with openssl.
Not only not advisable it wont work properly. The enc command assumes that the underlying cipher can stream whereas XTS is a one shot version. We should really block use of XTS mode in enc completely. > Also the changes I am proposing may not be acceptable for similar reasons. > It may be that your implementation of an AF_ALG EVP_CIPHER for XTS can be changed so it works with unmodified OpenSSL. The OpenSSL XTS implementation is a software implementation and some techniques it uses wont be appropriate. Is the EVP_CIPHER code you're using for XTS available somewhere? Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
