Re: Core draft last call update.

To: Markus Friedl <markus%openbsd.org@localhost>
Subject: Re: Core draft last call update.
From: Wei Dai <weidai%eskimo.com@localhost>
Date: Thu, 14 Mar 2002 20:00:54 -0800

On Thu, Mar 14, 2002 at 09:36:28AM +0100, Markus Friedl wrote:
> I don't see a need to rush and consider CTR only, when CFB/OFB is
> less controversal and already supported by existing implementations.

I was not aware that existing implementations already support CFB/OFB. 
Apparently this is the case for OpenSSH, but it's not documented anywhere.
OpenSSH also seems to support ECB mode, which does not make any sense to
me. BTW, OpenSSH appears to use unregistered reserved names for these
ciphers, which violates section 5 of the architecture spec. 

The way OpenSSH implements OFB (assuming it's accurately documented by the
draft spec you sent in a later post) is different from how I would have
done it. I would pad each packet to a multiple of 8 instead of the block
size, but never mind.

As I mentioned earlier, in the interest of time I'm willing to compromise
and use OFB instead of CTR if we can get it into the core spec. If we have
to do an additional RFC we might as well go for CTR since that is
technically superior.

Follow-Ups:
- Re: Core draft last call update.
  - From: Markus Friedl
- Re: Core draft last call update.
  - From: Niels Provos

References:
- Re: Core draft last call update.
  - From: David Wagner
- Re: Core draft last call update.
  - From: Bill Sommerfeld
- Re: Core draft last call update.
  - From: Wei Dai
- Re: Core draft last call update.
  - From: Markus Friedl

Prev by Date: Re: a more detailed analysis of "known IV" vulnerability.
Next by Date: Re: Core draft last call update.
Previous by Thread: Re: Core draft last call update.
Next by Thread: Re: Core draft last call update.
Indexes:

Home | Main Index | Thread Index | Old Index