[Top] [All Lists]

Re: Message Integrity

1999-04-22 09:49:56
uri <uri(_at_)watson(_dot_)ibm(_dot_)com> writes:

Werner Koch says:
However, to come to a solution we should use the
proposal and assign a new packet type to it (and add a version number
just in case we want to change it again).

If the above is the *plaintext* - I agree.  I personally like


implicit IV=0x00...0 and the plaintext prepended with random
128 bits.

So do I,  s/IV/random_bytes/

NO! With 128-bit cipher you MUST use 128-bit IV. [I understand it's

So we have to fix it in the RFC (I already implemented it this way).

Werner Koch at            keyid 621CC013