In general, the value used as an IV with symmetric algorithms
need not be protected against disclosure. In some instances it is
Curiously enough, the NSA rules for "expedited" export clearance (when
using RC2 and RC4) *require* that the IV be visible in plaintext, not
enciphered under the session key.
The NSA also recommends, to people who ask, that you put a validation
string right up front in the message, under the encryption, which can
be checked by the recipient to verify that the decryption produced a
valid result.
Of course, both of these also happen to help people who have
precomputed all possible encryptions for quick search...but we don't
know anyone like that.
John