[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Two AES encryption modes?
Excerpt of message (sent 24 July 2002) by Gregory Lebovitz:
> If AES-CTR comes to fruition quickly, can someone put forth an argument for
> continuing to use AES-CBC?
>
> (To clarify, I am not challenging us to drop AES-CBC, I just want to hear
> cryptographers explain why we would/would not need both).
Several possible reasons:
1. You have hardware that implements AES-CBC but not AES-CTR.
2. You want to use manual keying and therefore may send more than one
packet with the same IV. With CBC that doesn't compromise the
confidentiality of the data; with counter mode it does.
In my view, #1 is a sufficient reason.
paul