tech-crypto archive
Re: crypto(4) and IVs
Thor Lancelot Simon <tls%rek.tjls.com@localhost> writes:
> > It appears to assume that any cryptosystem with an IV is doing
> > CBC-style feedback. This will break when someone gets around to adding
> > the counter modes (see draft-ietf-secsh-newmodes-03.txt), unless their
> > state is represented somewhere other than the IV storage....
>
> I don't have access to any hardware that does any counter mode (I'm not
> even sure if there is any, yet). If you do, I agree that you're probably
> going to have to do some interface and client code bashing to make it
> work right.
Such hardware does exist; for example, the built-in "SEC 2.0" security
engine on the Freescale MPC8555E/MPC8541 SoC devices. See
http://www.freescale.com/webapp/sps/site/prod_summary.jsp?code=MPC8555E
Both the reference manual and application note 2755 go into detail on
the capabilities of the security engine, which includes AES counter
mode, HMACs, lots of elliptic curve stuff I don't understand...
- Nathan
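
The state-handling difference raised in the quoted text, as an added example that is not part of the original post or of crypto(4): carrying the last ciphertext block forward as the next IV reproduces a one-shot CBC encryption across split requests but not a counter-mode one, which needs the counter advanced by the number of blocks processed. Assumptions: a 128-bit big-endian counter and an HMAC-based stand-in block function instead of AES (encrypt direction only); all names and sample values are constructed.

```python
import hashlib
import hmac

BLOCK = 16

def E(key, block):
    """Stand-in 16-byte block function (truncated HMAC-SHA256), NOT AES."""
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def blocks(data):
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def cbc_encrypt(key, iv, pt):
    out, prev = [], iv
    for p in blocks(pt):
        prev = E(key, xor(p, prev))          # each block feeds the next one
        out.append(prev)
    return b"".join(out)

def ctr_encrypt(key, iv, pt):
    n = int.from_bytes(iv, "big")            # assumption: 128-bit big-endian counter
    out = []
    for i, p in enumerate(blocks(pt)):
        ks = E(key, ((n + i) % (1 << 128)).to_bytes(BLOCK, "big"))
        out.append(xor(p, ks))
    return b"".join(out)

def next_iv_cbc_style(iv, ct):
    """CBC-style feedback: the last ciphertext block becomes the next IV."""
    return ct[-BLOCK:]

def next_iv_counter(iv, ct):
    """Counter mode: advance the counter by the number of blocks processed."""
    n = int.from_bytes(iv, "big") + len(ct) // BLOCK
    return (n % (1 << 128)).to_bytes(BLOCK, "big")

def split_encrypt(mode, next_iv, key, iv, pt, cut):
    """Encrypt pt as two requests, carrying state between them via next_iv."""
    first = mode(key, iv, pt[:cut])
    return first + mode(key, next_iv(iv, first), pt[cut:])

# Constructed sample inputs.
KEY = b"k" * 16
IV = bytes(15) + b"\x01"
PT = bytes(range(64))
```
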