[Top] [All Lists]

Re: Sample Twofish message

1999-04-08 18:18:02
Werner Koch says:
Okay, how can we resolve this conflict:
From section 5.7:
   The data is encrypted in CFB mode, with a CFB shift size equal to the
   cipher's block size.  The Initial Vector (IV) is specified as all
   zeros.  Instead of using an IV, OpenPGP prefixes a 10-octet string to
   the data before it is encrypted.  The first eight octets are random,
   and the 9th and 10th octets are copies of the 7th and 8th octets,
   respectively. After encrypting the first 10 octets, the CFB state is
   resynchronized if the cipher block size is 8 octets or less.  The
   last 8 octets of ciphertext are passed through the cipher and the
   block boundary is reset.

1. For 128-bit block ciphers shouldn't the prefix be increased to,
   say, 18 bytes?

2. Shouldn't all procedures be adjusted to 16 octets for such ciphers?

From section 12.8:.........

5.7 says that resync is only done for a blocksize <= 64 but 12.8 says
that is done always (the following step by step list also says this).

I'd abandon (or fix :-) 12.8.
Uri             uri(_at_)watson(_dot_)ibm(_dot_)com