Ken, I plugged your latest vectors into my C implementation, and I agree that your vectors are correct, per the current definition of LRW. Further, my C implementation already passed all the vectors supplied in the Oct-2004 revision of "Draft Proposal for Tweakable Narrow-block Encryption." However, you did not address Rob's point. he was concerned that: Your latest test vectors follow the definition for LRW that I pasted from Rob's email. The result of this is that anybody implementing both LRW and GCM in software will have to either
Is that what you really want to do??? thanks, Michael Torla Freescale Semiconductor Ken Buchanan wrote:
|
Title: LRW test vectors
- LRW test vectors Ken Buchanan
- Re: LRW test vectors David McGrew
- Re: LRW test vectors Michael Torla
- RE: LRW test vectors Ken Buchanan