[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt

To: "Housley, Russ" <rhousley@rsasecurity.com>
Subject: Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt
From: Stephen Kent <kent@bbn.com>
Date: Tue, 27 Aug 2002 20:34:44 -0400
Cc: ipsec@lists.tislabs.com
In-Reply-To: <5.1.0.14.2.20020827165406.03057820@exna07.securitydynamics.com>
References: <200208241923.g7OJNBZf001129@marajade.sandelman.ottawa.on.ca><200208241923.g7OJNBZf001129@marajade.sandelman.ottawa.on.ca><5.1.0.14.2.20020827165406.03057820@exna07.securitydynamics.com>
Sender: owner-ipsec@lists.tislabs.com

At 4:56 PM -0400 8/27/02, Housley, Russ wrote:
>Steve:
>
>I disagree.  AES-CTR only uses the AES encrypt operation for both 
>packet encryption and decryption.  Since AES encrypt and AES decrypt 
>are quite different, unlike DES where they were nearly identical, 
>there can be a considerable savings in code size and development 
>time for AES-CTR since AES-CBC used both AES encrypt and decrypt 
>operations.
>
>Russ
>

Russ,

Yes, that point has been made and I concur that, relative to CBC, a 
CTR or an OFB mode implementation is simpler because only the encrypt 
operation needs be created. I doubt that this will be an issue in the 
IPsec context, unless we mandate ONLY CTR, since modes like CBC do 
require both encrypt and decrypt codebooks, but your point is correct.

Steve

References:
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt
  - From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
- Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt
  - From: "Housley, Russ" <rhousley@rsasecurity.com>

Prev by Date: Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt
Next by Date: Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt
Prev by thread: Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt
Next by thread: Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt
Index(es):
- Date
- Thread