IETF-SSH archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Core draft last call update.
On Mon, Mar 11, 2002 at 09:22:05AM +0000, David Wagner wrote:
> Markus Friedl wrote:
> >As to CTR: AFAIK in CTR mode the handling, formating of the counter
> >needs some work before we can agree, e.g the proposal for aes128-ctr in
> >IPsec makes size(ciphertext) != size(plaintext), so CTR should not be
> >added now, because it will delay the process significantly.
> >
> >So, if we would need a spec for OFB/CFB (with cipher block-sized
> >feedback) soon.
>
> Hmm. I must admit I'm a little confused: what are the reasons to
> prefer OFB mode over CTR mode? Are there some security reasons? Is it
> something else? I don't see anything terribly wrong with OFB mode,
> but I'd like to understand why it is preferred over CTR mode.
my point is that for CTR there is no common format (e.g.
how is the counter encoded, etc) whereas a spec for OFB mode
is simpler.
> P.S. I assumed that if there is a known security weakness, it would be
> disclosed in the RFC, so I'm surprised that you consider it a bad thing to
> have a paragraph describing the weakness.
i think it's bad to have such a paragraph without offering
alternative cipher modes.
Home |
Main Index |
Thread Index |
Old Index