Have people considered seperating the mode from cipher used? Each cipher
would have a small number of functions and constants to define
(functions: expand_key and encrypt_block (which would also decrypt
block), and constants: key_length, expanded_key_length, and
block_length). The next layer would be multi-encryption (for instance,
3-EDE). The layer above that would be mode (CBC, code book, etc). The
encoding would then be something like:
CBC-3EDE-DES
With the three parts each going to the three layers.
This would keep code bloat down (among other things, like making
experimentation easier). There would be a slight cost in performance (a
couple of extra function calls, and the dropping of some possible
optimizations- like dropping the initial/final permutations between
rounds of 3DES).
Thoughts?
Brian
Any resemblance of these opinions to the opinions of Brian Hurt, Bit 3
Computer Corporation, or any individual living or dead is purely
coincidental.