[Top] [All Lists]

Re: Next Steps (was Re: RFC 4880 on OpenPGP Message Format)

2007-11-06 07:58:40

On Tue, Nov 06, 2007 at 08:36:23AM -0500, Derek Atkins wrote:

Have you actually tried using a block cipher like AES, or are you
basing this "may perform really poorly" only on guesswork?
Seriously...  AES was specifically designed to work well in small
systems like cell phones, have you actually tried it?

Yes, I have tried AES. It is still almost an order of magnitude slower than
I'd also suspect that any Public Key operations would take much more
time, although it sounds like you aren't using that part of the spec
at all.


Go ahead, but we've discussed ArcFour previously and decided it was
too dangerous and didn't fit into the CFB cipher context modes. 

I don't think it is dangerous if done properly, but it definitely does not
fit into CFB cipher condext mode (which, by the way, is another thing that
is worth considering for retirement).

Actually, I am leaning toward introducing a general stream cipher mode of
which block ciphers operated in CTR mode are a special case. CTR has much
nicer theoretical properties than CFB in the sense that security assumptions
for block ciphers imply certain security properties for the stream cipher.

please send in your specs so we can see them and others on the list
can give their opinion.




Attachment: signature.asc
Description: Digital signature

<Prev in Thread] Current Thread [Next in Thread>