Re: Re[2]: SymmetricCipher Decoder is not working if created dynamically.

[Voronkov Konstantin]

Hi Russell, The CFB mode according to your quote of Schneier "can be encrypted in units smaller  than the block size". Even more I'm using that with CFB mode with CryptoPP and that proved to work fine :) Thank you for concern, Voronkov Konstantin ----- Original Message ----- From: Russell Robinson To: Voronkov Konstantin Sent: Wednesday, June 02, 2004 12:30 PM Subject: Re[2]: SymmetricCipher Decoder is not working if created dynamically. Hi Konstantin, Voronkov> I wanted to ask you question about padding. IFAIK the CFB encryption Voronkov> mode produces the same output buffer size and Voronkov> input, and in the sample: Voronkov> http://www.eskimo.com/~weidai/cgi-bin/fom-serve/cache/79.html Voronkov> there is the same size for output buffer as for Voronkov> input. This is the CFB mode Voronkov> design to produce the same length buffer, am I wrong? According to Bruce Schneier in Applied Cryptography (p 200):           "Block ciphers can also be implemented as a           self-synchronizing stream cipher; this is called           cipher-feedback (CFB) mode.....In CFB mode, data can be           encrypted in units smaller than the block size." Apart from the IV needing to be transmitted with the ciphertext, I would take this to mean that the output buffer can indeed be the same size as the input buffer. However, if I don't something for sure, I make a conservative decision when implementing. I use CFB mode almost exclusively, and I've never assumed the output will be the same size as the input.  Plus, the addition of the IV to send to the decryptor means what I transmit is always going to be bigger. That's the really nice thing about Wei's filter classes.  They work with variable input and output, so you never really have to work with fixed length buffers. In the general case for block ciphers, however, I would assume that the output buffer must be a multiple of the block size. For example, if the block size is 8 bytes, and your plaintext is 100 bytes, then your output buffer would have to be 104 bytes (13 * 8 = 104) on encryption. I'm no expert in this field, so if the above conclusion is incorrect, could someone correct it, *PLEASE*, for the benefit of all? -- Russell Robinson (mailto:[EMAIL PROTECTED]) Author of Tectite (CRM and Licensing for Software Developers) Download your free CRM from: http://www.tectite.com/