Re: Granularity of authentication in swIPe

[Steve Kent <kent@BBN.COM>]

Phil,

	I don't want to posit the need for random IVs solely on a need
to support SKIPJACK and the LEAF; they merely provide an example of a
cryptosystem where the IV function could not be satisfied by a
sequence number.  However, to address your specific question, Matt
Blaze pointed out that one could use SKIPJACK on the Tessera card in
ECB mode, where an IV is not really needed, and externally perform the
operations to implement CBC mode.  In that context, one could use a
sequence number as an IV.  As for performance, the current Tessera
cards are best viewed as prototypes and the production versions will
probably show better performance due to improvements in card firmware
and driver software, a natural result of experience.  Thus, in the
long run, I would expect performance to be better for CBC mode
implememented on the card, vs. an externally implemented version.

Steve

---

References:

• Re: Granularity of authentication in swIPe
• From: Phil Karn <karn@qualcomm.com>

---

• Prev by Date: Re: Granularity of authentication in swIPe
• Next by Date: Re: Granularity of authentication in swIPe
• Prev by thread: Re: Granularity of authentication in swIPe
• Next by thread: Re: Granularity of authentication in swIPe
• Index(es):
  • Main
  • Thread