[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Calling the question: derived vs. explicit IV
> From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
>
> I am keeping track of
> messages sent both to the list and to me privately; however, I'd ask
> that folks send their preferences to the list, if at all possible.
I expressed a preference for explicit IV privately simply to avoid
me-too-ism. But in the interest of open debate, ...
> From: Rob Adams <adams@cisco.com>
>
> Add me to the list of people supporting an explicit IV only.
>
> I agree with Mr. Rogers' comment that we shouldn't mandate what is in
> the IV. The two drafts I wrote, and I believe Roy's as well, suggest
> using the last block of the previous encryption pass. This is cheap
> and common. I only suggested that people use a pseudo-random value
> for the first pass... Ed said it best when he stated that he'd
> like to see ship what we've been testing for quite some time now. I
> do not believe we are "changing to" an explicit IV. I believe, if
> there is a change, it would be to derived IV. So I vote for sticking
> with explicit IV's.
Me too.