john(_dot_)dlugosz(_at_)kodak(_dot_)com writes:
An issue with the document (I'm reading bis-07): step 12 includes "the
process is repeated...". It doesn't say "this process" means steps 10
through 12 (only 10 must contain n*BS+3 etc instead of BS+3, etc.). And is
that really part of step 12?
Having just looked at -07, I agree that step 12 should be re-worded
to make it more clear. Right now it says:
11. FR is encrypted to produce FRE.
12. FRE is xored with the next BS octets of plaintext, to produce
the next BS octets of ciphertext. These are loaded into FR and
the process is repeated until the plaintext is used up.
I would suggest:
12. FRE is xored with the next BS (or fewer) octets of plaintext,
to produce the next BS (or fewer) octets of ciphertext. If
this step has used all the remaining plaintext, the process is
complete. Otherwise, the BS octets of ciphertext are loaded
into FR and the process is repeated (go back to step 11).
Is this more clear? It makes it clear that the final block can be
smaller than BS octets, and it's explicit about what part of the
process is repeated (for those who couldn't intuit it from what to do
after 'these are loaded into FR' ;).
--John
-derek
--
Derek Atkins
Computer and Internet Security Consultant
derek(_at_)ihtfp(_dot_)com www.ihtfp.com