Re: Authenticated cipher modes

To: Ben Harris <bjh21%bjh21.me.uk@localhost>
Subject: Re: Authenticated cipher modes
From: Henrick Hellström <henrick%streamsec.se@localhost>
Date: Thu, 21 Apr 2005 17:53:12 +0200

Ben Harris wrote:

2: Feed a counter through a one-way function (either a block cipher or a
   hash) to generate the nonce.  This is more expensive (at least if you
   use a hash), but saves on network traffic and means that the sequence
   number is implicit in the nonce so that it need not be processed by
   Helix (though it may as well be, since doing so is cheap).

The obvious solution would be to use a separately keyed instance ofHelix as a continuous PRNG. The PRNG seed (i.e. the second Helix key andnonce) could be the initial IV from the NEWKEYS.



--
Henrick Hellström
www.streamsec.com

Follow-Ups:
- Re: Authenticated cipher modes
  - From: Ben Harris

References:
- Re: Authenticated cipher modes
  - From: Ben Harris
- RE: Authenticated cipher modes
  - From: denis bider
- Re: Authenticated cipher modes
  - From: Ben Harris
- Re: Authenticated cipher modes
  - From: Henrick Hellström
- Re: Authenticated cipher modes
  - From: Ben Harris

Prev by Date: Re: Authenticated cipher modes
Next by Date: Re: Authenticated cipher modes
Previous by Thread: Re: Authenticated cipher modes
Next by Thread: Re: Authenticated cipher modes
Indexes:

Home | Main Index | Thread Index | Old Index