A third option is : IVK1 = Hash(SS | intialization-vector1) IVK2 = Hash(SS | intialization-vector2) EK=Hash(SS | encryption) MK=Hash(SS | authentication) Then we define the sequence:
BUFFER1[0]=IVK1 BUFFER1[i] =Hash(BUFFER1[i-1]) BUFFER2[0]=IVK2 BUFFER2[i] =Hash(BUFFER2[i-1]) Encryption: C = AES(EK,BUFFER1[i] XOR BUFFER2[i]) XOR P Now the performance is approximately 33% of the original AES-CTR. _______________________________________________ OTR-dev mailing list [email protected] http://lists.cypherpunks.ca/mailman/listinfo/otr-dev
