On Thursday, October 17, 2002, at 04:10 PM, Richard Levitte - VMS Whacker wrote:


viega> Additionally, a lot of stuff built on counter mode is using a few bits
viega> of the counter for other purposes, so the effective counter size is
viega> less than the actual counter size. It would be nice to be able to add
viega> some sort of parameter that specifies the actual counter size, to
viega> prevent counter mode from continuing to encrypt when it's run out of
viega> counters.

I'm not sure if I understood that.

Look at the CCM-mode spec, or the IPSEC proposed bindings for AES-CTR mode, and I think you'll see what I mean.


viega> Also, why isn't counter mode implemented in a generic fashion? It's
viega> so simple, it should be usable with any block cipher without having to
viega> write additional code.

Ask yourself why OFB, CFB, CBC and ECB modes aren't implemented
generically. A hint: speed. Someone made a test having a generic CBC
that would take a pointer to the cipher function to use. The speed
apparently decreased enough for it to be an issue.

I mean have a generic implementation, not necessarily a generic interface. I was more thinking a counter mode macro that could be used to create counter mode instances for all block ciphers quickly. Additionally, if you were to create a COUNTER wrapper along the lines of the HMAC wrapper (clearly it'd need to be a bit different), you wouldn't need the indirection of a function pointer whatsoever, and would not need to explicitly instantiate macros.

John
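
An added example, not part of the original message and not OpenSSL code: a C macro that generates a counter-mode routine per block cipher without a function pointer, with a `bits` field giving the effective counter width so that encryption is refused once the counter field wraps. The names `DEFINE_CTR`, `ctr_inc`, `toy_encrypt` and `blocks_until_refusal` are hypothetical, and the toy cipher is a constructed stand-in that is not secure.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Increment the low `bits` bits of a big-endian counter block (bits <= 8*bs),
 * leaving nonce/flag bits alone. Returns 1 when that field wraps to zero. */
static int ctr_inc(uint8_t *blk, size_t bs, unsigned bits) {
    for (; bits >= 8; bits -= 8)
        if (++blk[--bs] != 0) return 0;
    if (bits) {                       /* counter ends inside a byte */
        uint8_t mask = (uint8_t)((1u << bits) - 1);
        uint8_t v = (uint8_t)((blk[bs - 1] + 1) & mask);
        blk[bs - 1] = (uint8_t)((blk[bs - 1] & ~mask) | v);
        if (v != 0) return 0;
    }
    return 1;
}

/* Generate <name>_ctr_crypt() for one cipher; encfn is called directly.
 * Assumption: every call starts on a block boundary. */
#define DEFINE_CTR(name, keytype, encfn, BS)                                  \
typedef struct { uint8_t ctr[BS]; unsigned bits; int spent; } name##_ctr;     \
static int name##_ctr_crypt(name##_ctr *s, const keytype *key,                \
                            const uint8_t *in, uint8_t *out, size_t len) {    \
    uint8_t ks[BS];                                                           \
    while (len > 0) {                                                         \
        size_t n = len < BS ? len : BS;                                       \
        if (s->spent) return -1;      /* out of counters: refuse */           \
        encfn(s->ctr, ks, key);                                               \
        for (size_t i = 0; i < n; i++) out[i] = (uint8_t)(in[i] ^ ks[i]);     \
        s->spent = ctr_inc(s->ctr, BS, s->bits);                              \
        in += n; out += n; len -= n;                                          \
    }                                                                         \
    return 0;                                                                 \
}

/* Constructed toy cipher, NOT secure: stands in for any 16-byte block cipher. */
typedef struct { uint8_t k[16]; } toy_key;
static void toy_encrypt(const uint8_t *in, uint8_t *out, const toy_key *key) {
    for (int i = 0; i < 16; i++) out[i] = (uint8_t)((in[i] ^ key->k[i]) + 3 * i);
}
DEFINE_CTR(toy, toy_key, toy_encrypt, 16)

/* Blocks encrypted before refusal, or -1 if a carry leaked into the nonce.
 * `last` is the low byte of the initial counter block (constructed input). */
static int blocks_until_refusal(unsigned bits, uint8_t last) {
    toy_key k; toy_ctr s; uint8_t buf[16] = {0}; int n = 0;
    memset(k.k, 0x5a, 16); memset(s.ctr, 0xA0, 16);
    s.ctr[15] = last; s.bits = bits; s.spent = 0;
    while (toy_ctr_crypt(&s, &k, buf, buf, 16) == 0) n++;
    return s.ctr[13] == 0xA0 ? n : -1;
}
```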
