Peter Gutmann wrote:
Jon Bright <jon%siliconcircus.com@localhost> writes:Having read various other comments and thought about it a bit, my favoured solution is to REQUIRE 3des-ctr if *any* of the newmodes ciphers areimplemented.I think 3DES-CTR is even less likely to be supported in hardware than AES-CTR, for AES it's a new(ish) cipher so people may at some point implement trendy new modes, but 3DES has been consigned to the legacy bin and is unlikely to be updated at any point.
So long as the hardware supports 3DES (or even DES) ECB, it shouldn't be more than a few instructions to get 3DES-CTR. As far as I'm aware, there's plenty of hardware that does DES ECB...
-- Jon Bright Silicon Circus Ltd. http://www.siliconcircus.com