[88268] in cryptography@c2.net mail archive


Re: More info in my AES128-CBC question

daemon@ATHENA.MIT.EDU (Travis H.)
Sat May 12 09:04:34 2007

Date: Wed, 9 May 2007 18:00:47 -0500
From: "Travis H." <travis+ml-cryptography@subspacefield.org>
To: cryptography@metzdowd.com
Mail-Followup-To: cryptography@metzdowd.com
In-Reply-To: <Pine.SOL.4.61.0705091705480.1775@mental>


On Wed, May 09, 2007 at 06:04:20PM -0400, Leichter, Jerry wrote:
> However, cryptographically secure RNG's are typically just as expensive
> as doing a block encryption.  So why not just encrypt the IV once with
> the session key before using it?  (This is the equivalent of pre-pending
> a block of all 0's to each packet.)

There are many ways to deal with it if you're willing to do more crypts
per block.  For example, you could derive an independent key and use
that to encrypt a counter for IVs... becoming a cryptographically
strong permutation... that'd work as long as you didn't send so many
IVs that you ran through most of the cycle (the last value in the
cycle is 100% predictable).

-- 
Kill dash nine, and its no more CPU time, kill dash nine, and that
process is mine. -><- <URL:http://www.subspacefield.org/~travis/>
For a good time on my UBE blacklist, email john@subspacefield.org.
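
An added worked example in Go of the scheme Travis describes above (not code from the thread): derive an IV key independent of the session key, produce each CBC IV by encrypting a counter under that key, and cap how many IVs are drawn before a rekey is required. The HMAC label used for derivation, the budget value and the helper names are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/sha256"
	"encoding/binary"
	"errors"
)

type ivGen struct {
	block   cipher.Block
	counter uint64
	limit   uint64 // IVs allowed before the caller must rekey (assumed budget)
}

// newIVGen derives the IV key with HMAC-SHA256 under a hypothetical label.
func newIVGen(sessionKey []byte, limit uint64) (*ivGen, error) {
	mac := hmac.New(sha256.New, sessionKey)
	mac.Write([]byte("cbc-iv-key"))
	blk, err := aes.NewCipher(mac.Sum(nil)[:16])
	if err != nil {
		return nil, err
	}
	return &ivGen{block: blk, limit: limit}, nil
}

// next returns IV_i = AES_kiv(i) and refuses to run past the IV budget.
func (g *ivGen) next() ([]byte, error) {
	if g.counter >= g.limit {
		return nil, errors.New("IV budget exhausted: rekey before sending more")
	}
	var in, iv [aes.BlockSize]byte
	binary.BigEndian.PutUint64(in[8:], g.counter)
	g.counter++
	g.block.Encrypt(iv[:], in[:])
	return iv[:], nil
}

// cbcEncrypt: AES-CBC under the session key; pt must be block-aligned.
func cbcEncrypt(sessionKey, iv, pt []byte) ([]byte, error) {
	blk, err := aes.NewCipher(sessionKey)
	if err != nil || len(pt)%aes.BlockSize != 0 {
		return nil, errors.New("bad key or unaligned plaintext")
	}
	ct := make([]byte, len(pt))
	cipher.NewCBCEncrypter(blk, iv).CryptBlocks(ct, pt)
	return ct, nil
}
```

The IV stream is deterministic per session key, so the receiver can recompute it from its own counter instead of receiving the IV, at the cost of strict in-order delivery.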

