Luc Perthuis wrote:
Hello,
Any advice on this ECB like behaviour of CTR will be highly appreciated.
We are currently integrating openssl in our application.
One of the goals is to use symetric encription on streams of data to
keep them encrypted on a storage device (1).
As far as we are concerned, CTR mode seems to be a good choice for this
goal.
The idea is to use (according to some parameters) either des, 3des, aes,
blowfish or cast5.
Another parameter also permits to chose one hash algorithm.
As openssl does not support CTR mode, it is derived from OFB (as in
EVP_get_cipherbyname(SN_aes_192_ofb128) for instance).
How are you deriving CTR from OFB?
You may want to take a look at void AES_ctr128_encrypt() in
crypto/aes/aes_ctr.c (at least, that's where it is in my 0.9.7j-dev
source). I've used it to both encrypt and decrypt successfully. On our
hardware, OpenSSL's CTR performance is *excellent* compared with other
AES modes. Start with num=0 and a bzero'ed ecount_buf and you should be
good to go.
- Marty
--
Marty Lamb
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
