Re: Core draft last call update.

To: Wei Dai <weidai%eskimo.com@localhost>
Subject: Re: Core draft last call update.
From: Markus Friedl <markus%openbsd.org@localhost>
Date: Mon, 11 Mar 2002 10:09:07 +0100

On Sun, Mar 10, 2002 at 09:38:49PM -0800, Wei Dai wrote:
> Given that the problem was found in time, and that the fix is simple (I've
> already provided the suggested language), why not just agree to fix it
> now? I'm new to the IETF standardization process, but how much time could
> it possibly take to put in the fix? If CTR mode is too controversial
> (although I don't know why it would be and still haven't seen a
> substantial argument against it) I would be willing to compromise by using
> OFB or CFB mode instead. 

Personally I think it would be better to add OFB and/or CFB modes than
to scare people in the draft by saying: "we use CBC but CBC can be
broken easily" (this is how people will read it).

As to CTR: AFAIK in CTR mode the handling, formating of the counter
needs some work before we can agree, e.g the proposal for aes128-ctr in
IPsec makes size(ciphertext) != size(plaintext), so CTR should not be
added now, because it will delay the process significantly.

So, if we would need a spec for OFB/CFB (with cipher block-sized
feedback) soon.

Having a paragraph about the dangers of CBC is a bad idea unless
we offer alternatives to CBC in the very same document.

Follow-Ups:
- Re: Core draft last call update.
  - From: David Wagner

References:
- Re: Core draft last call update.
  - From: Bill Sommerfeld
- Re: Core draft last call update.
  - From: Wei Dai

Prev by Date: Re: Core draft last call update.
Next by Date: Re: Core draft last call update.
Previous by Thread: Re: Core draft last call update.
Next by Thread: Re: Core draft last call update.
Indexes:

Home | Main Index | Thread Index | Old Index