> I propose we go ahead and move to CFB mode in order to avoid this padding
> problem. The downside is that it requires blocksize/8 times as much CPU
> time (since it effectively encrypts one byte as one block). For blowfish,
> this would be 64/8=8 times more than ECB.

You're describing 8-bit-shift CFB. The variant that shifts 64 bits at a time requires no more work than straight encryption. The rule is

    Ciphertext[N] = Encrypt(Ciphertext[N-1]) XOR Plaintext[N]

Initialize with Ciphertext[-1] = IV. To decrypt,

    Plaintext[N] = Encrypt(Ciphertext[N-1]) XOR Ciphertext[N]

Again, Ciphertext[-1] = IV.

One nice thing about this mode is you only have to write an encryption function, you don't need decryption. The AES candidate Rijndael is specialized to be faster for encryption than decryption.

Hal
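
Added example, not part of the message above or of the Freenet code: the 64-bit-shift CFB rule in Python, showing that decryption calls only the block cipher's encrypt direction and that a short final block needs no padding. XTEA is swapped in for Blowfish as a stand-in 64-bit block cipher; the function names, key, IV and message are constructed for illustration.

```python
import struct

BLOCK = 8            # 64-bit block, the same size as Blowfish
MASK = 0xFFFFFFFF

def xtea_encrypt_block(key: bytes, block: bytes) -> bytes:
    """Forward direction of XTEA (stand-in cipher, 16-byte key)."""
    k = struct.unpack(">4I", key)
    v0, v1 = struct.unpack(">2I", block)
    s = 0
    for _ in range(32):
        v0 = (v0 + ((((v1 << 4) ^ (v1 >> 5)) + v1) ^ (s + k[s & 3]))) & MASK
        s = (s + 0x9E3779B9) & MASK
        v1 = (v1 + ((((v0 << 4) ^ (v0 >> 5)) + v0) ^ (s + k[(s >> 11) & 3]))) & MASK
    return struct.pack(">2I", v0, v1)

def xor_bytes(a: bytes, b: bytes) -> bytes:
    # zip() stops at the shorter input, so a short final block simply
    # uses fewer keystream bytes: no padding is added or stripped.
    return bytes(x ^ y for x, y in zip(a, b))

def cfb_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    if len(iv) != BLOCK:
        raise ValueError("IV must be one block long")
    prev, out = iv, bytearray()              # Ciphertext[-1] = IV
    for i in range(0, len(plaintext), BLOCK):
        # Ciphertext[N] = Encrypt(Ciphertext[N-1]) XOR Plaintext[N]
        prev = xor_bytes(xtea_encrypt_block(key, prev), plaintext[i:i + BLOCK])
        out += prev
    return bytes(out)

def cfb_decrypt(key: bytes, iv: bytes, ciphertext: bytes) -> bytes:
    if len(iv) != BLOCK:
        raise ValueError("IV must be one block long")
    prev, out = iv, bytearray()              # Ciphertext[-1] = IV
    for i in range(0, len(ciphertext), BLOCK):
        chunk = ciphertext[i:i + BLOCK]
        # Plaintext[N] = Encrypt(Ciphertext[N-1]) XOR Ciphertext[N]
        out += xor_bytes(xtea_encrypt_block(key, prev), chunk)
        prev = chunk
    return bytes(out)

if __name__ == "__main__":
    key = bytes(range(16))        # constructed sample key
    iv = bytes(range(8, 16))      # constructed sample IV
    msg = b"freenet-dev!!"        # 13 bytes: one full block plus 5 bytes
    ct = cfb_encrypt(key, iv, msg)
    print(len(msg), len(ct), cfb_decrypt(key, iv, ct) == msg)
```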
