Re: applying AES-GCM to secure shell: proposed "tweak"

To: Nicolas.Williams%sun.com@localhost, pgut001%cs.auckland.ac.nz@localhost
Subject: Re: applying AES-GCM to secure shell: proposed "tweak"
From: Peter Gutmann <pgut001%cs.auckland.ac.nz@localhost>
Date: Thu, 09 Apr 2009 17:10:13 +1200

Nicolas Williams <Nicolas.Williams%sun.com@localhost> writes:

>Er, actually, I'm not sure.  It depends on what implementations do with it
>now when it's not set to 0.  Hmmm, what does the spec say to do about that
>field?  Sadly: nothing, at least not in section 7.1.

Well if it's RFU then it's implied that you ignore it, which has been the 
practice for RFU fields since at least the 1970s (in things like status flags 
registers), and probably even earlier but I wasn't playing with computer 
hardware back then.

How about a quick straw poll, since we've probably got a good number of
implemeters here.  If your implementation sees a non-zero value in the RFU
field, will it:

  1. Ignore it and continue, since it's RFU.
  2. Run Nethack, and failing that, emacs in Towers-of-Hanoi mode.
  3. Reformat the hard drive.
  4. ???
  5. Profit.

Peter.

Follow-Ups:
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Joseph Galbraith
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Joseph Galbraith

References:
- Re: applying AES-GCM to secure shell: proposed "tweak"
  - From: Nicolas Williams

Prev by Date: Re: applying AES-GCM to secure shell: proposed "tweak"
Next by Date: Re: applying AES-GCM to secure shell: proposed "tweak"
Previous by Thread: Re: applying AES-GCM to secure shell: proposed "tweak"
Next by Thread: Re: applying AES-GCM to secure shell: proposed "tweak"
Indexes:

Home | Main Index | Thread Index | Old Index