
Re: CBC makes Implementations too Slow.



On Tue, 30 Oct 2001, Steven M. Bellovin wrote:

> CBC mode requires feedback, which makes it impossible to pipeline
> encryptions; you can't encrypt plaintext block P[n+1] until you have
> the ciphertext from encrypting P[n].

I know this discussion was a while ago, but I have a question related to
the problem.  First, let me say that I'm new to the list, and still
somewhat new to IPsec in general, so I hope you'll forgive any ignorance
on my part.

Would it be a complete violation of the protocol to use random data for
the IV data instead of a portion of the ciphertext of the previous
block?  I know this violates the spirit of cipher block _chaining_, but
it would seem to address the concern that CBC was meant to fix, which is
to ensure that if the same cleartext is encrypted twice, it doesn't
produce the same ciphertext.  Anyone have a definitive answer on this?

Thanks,

----------------------------------------------------------------------
Michael Cyr      | Phone 512-838-2943 |mikecyr@austin.ibm.com .. Email
AIX IP Security  | Tie-Line  678-2943 |
Austin, TX       | FAX   512-838-3509 |-------------------------------
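
The feedback dependency described in the quoted text, and the effect of a random IV on repeated cleartext, as an added example that is not part of the original message. It assumes one random IV per packet, and uses a toy Feistel cipher built from SHA-256 as a stand-in block cipher (not secure, not an IPsec transform); all names, the key, and the sample data are constructed.

```python
import hashlib
import os

BLOCK = 16  # block size in bytes

def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    # Round function of the toy Feistel cipher (hypothetical stand-in, NOT secure).
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:BLOCK // 2]

def block_encrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:8], block[8:]
    for rnd in range(4):
        l, r = r, _xor(l, _f(key, rnd, r))
    return l + r

def block_decrypt(key: bytes, block: bytes) -> bytes:
    l, r = block[:8], block[8:]
    for rnd in reversed(range(4)):
        l, r = _xor(r, _f(key, rnd, l)), l
    return l + r

def cbc_encrypt(key: bytes, iv: bytes, blocks: list) -> list:
    out, prev = [], iv
    for p in blocks:  # serial: C[n] must exist before P[n+1] can be encrypted
        prev = block_encrypt(key, _xor(p, prev))
        out.append(prev)
    return out

def cbc_decrypt_block(key: bytes, iv: bytes, cblocks: list, n: int) -> bytes:
    # P[n] needs only C[n] and C[n-1] (or the IV), so blocks decrypt in any order.
    prev = iv if n == 0 else cblocks[n - 1]
    return _xor(block_decrypt(key, cblocks[n]), prev)

def demo() -> dict:
    key = b"constructed-demo-key"
    packet = [b"A" * BLOCK, b"A" * BLOCK, b"B" * BLOCK]  # constructed cleartext
    iv1, iv2 = os.urandom(BLOCK), os.urandom(BLOCK)      # one random IV per packet
    c1, c2 = cbc_encrypt(key, iv1, packet), cbc_encrypt(key, iv2, packet)
    recovered = {n: cbc_decrypt_block(key, iv1, c1, n) for n in (2, 0, 1)}
    return {
        "roundtrip_out_of_order": [recovered[n] for n in range(3)] == packet,
        "fresh_iv_changes_ciphertext": c1 != c2,
        "same_iv_repeats_ciphertext": c1 == cbc_encrypt(key, iv1, packet),
        "equal_blocks_differ_in_packet": c1[0] != c1[1],
    }
```
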


