Hi Konstantin,
Voronkov> I wanted to ask you question about padding. IFAIK the CFB encryption
Voronkov> �mode produces the same output buffer size and
Voronkov> input, and in the sample:
Voronkov> http://www.eskimo.com/~weidai/cgi-bin/fom-serve/cache/79.html
Voronkov> there is the same size for output buffer as for
Voronkov> input. This is the CFB mode
Voronkov> �design to produce the same length buffer, am I wrong?
According to Bruce Schneier in Applied Cryptography (p 200):
"Block ciphers can also be implemented as a
self-synchronizing stream cipher; this is called
cipher-feedback (CFB) mode.....In CFB mode, data can be
encrypted in units smaller than the block size."
Apart from the IV needing to be transmitted with the ciphertext, I
would take this to mean that the output buffer can indeed be the same
size as the input buffer.
However, if I don't something for sure, I make a conservative decision
when implementing. I use CFB mode almost exclusively, and I've never
assumed the output will be the same size as the input. Plus, the
addition of the IV to send to the decryptor means what I transmit
is always going to be bigger.
That's the really nice thing about Wei's filter classes. They work
with variable input and output, so you never really have to work with
fixed length buffers.
In the general case for block ciphers, however, I would assume that
the output buffer must be a multiple of the block size.
For example, if the block size is 8 bytes, and your plaintext is 100
bytes, then your output buffer would have to be 104 bytes (13 * 8 =
104) on encryption.
I'm no expert in this field, so if the above conclusion is incorrect,
could someone correct it, *PLEASE*, for the benefit of all?
--
Russell Robinson (mailto:[EMAIL PROTECTED])
Author of Tectite (CRM and Licensing for Software Developers)
Download your free CRM from: http://www.tectite.com/
