Re: A patch to loop.c for better cryption support

From: David Wagner (daw@mozart.cs.berkeley.edu)
Date: Mon Oct 16 2000 - 13:24:53 EST


Marc Mutz wrote:
>David Wagner wrote:
>> (However, it does get one
>> thing wrong: it claims that it's ok to use a serial number for your
>> IV. This is not correct, and I can give a reference for this latter,
>> subtler point, if you like.)
>>
>Yes, please.

One reference is
http://www.cs.ucdavis.edu/~rogaway/papers/draft-rogaway-ipsec-comments-00.txt
as other people mentioned.

>The IV would not contain any key material. If you have a cipher with a
>128 bit key and you need 64 bits of IV, you simply request 192 bits of
>"key", use the lower third for the IV and the upper third as the key.

Ahh, yes, this does sound ok. Sorry: I misunderstood your proposal.
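
The point about serial-number IVs, worked through as an added example (not code from this thread or from loop.c): in CBC the first cipher input is IV XOR plaintext, so when the IV is a known counter, two first blocks that differ by exactly the XOR of their counters encrypt to the same ciphertext block. The toy Feistel cipher, the constructed keys and the HMAC-derived IV under a separate secret are assumptions of this example, not the scheme proposed above.

```python
import hashlib
import hmac

BLOCK = 16  # block size in bytes

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _round(key: bytes, i: int, half: bytes) -> bytes:
    # Round function of a toy 4-round Feistel cipher; it stands in for a
    # real block cipher so the example runs with the standard library only.
    return hashlib.sha256(key + bytes([i]) + half).digest()[:BLOCK // 2]

def encrypt_block(key: bytes, block: bytes) -> bytes:
    left, right = block[:BLOCK // 2], block[BLOCK // 2:]
    for i in range(4):
        left, right = right, _xor(left, _round(key, i, right))
    return left + right

def cbc_first_block(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    # CBC: C_0 = E_k(IV xor P_0)
    return encrypt_block(key, _xor(iv, plaintext))

def serial_iv(n: int) -> bytes:
    # Predictable IV: the sector / serial number itself.
    return n.to_bytes(BLOCK, "big")

def keyed_iv(iv_key: bytes, n: int) -> bytes:
    # Unpredictable IV: a PRF of the serial number under a secret that is
    # separate from the cipher key (assumption of this example).
    return hmac.new(iv_key, n.to_bytes(8, "big"), hashlib.sha256).digest()[:BLOCK]

def demo():
    key = bytes(range(16))         # constructed cipher key
    iv_key = bytes(range(16, 32))  # constructed IV secret
    p5 = b"public header 01"       # constructed first block, serial 5
    # First block for serial 6, differing from p5 by serial(5) xor serial(6).
    p6 = _xor(p5, _xor(serial_iv(5), serial_iv(6)))
    serial_equal = (cbc_first_block(key, serial_iv(5), p5)
                    == cbc_first_block(key, serial_iv(6), p6))
    keyed_equal = (cbc_first_block(key, keyed_iv(iv_key, 5), p5)
                   == cbc_first_block(key, keyed_iv(iv_key, 6), p6))
    return serial_equal, keyed_equal

if __name__ == "__main__":
    print(demo())
```

With serial-number IVs the two ciphertext blocks are identical, so an observer learns the XOR relation between the plaintexts without the key; with the secret-derived IV they differ.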



This archive was generated by hypermail 2b29 : Mon Oct 23 2000 - 21:00:09 EST