[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: draft-ietf-ipsec-ciph-aes-ctr-00.txt
At 4:56 PM -0400 8/27/02, Housley, Russ wrote:
>Steve:
>
>I disagree. AES-CTR only uses the AES encrypt operation for both
>packet encryption and decryption. Since AES encrypt and AES decrypt
>are quite different, unlike DES where they were nearly identical,
>there can be a considerable savings in code size and development
>time for AES-CTR since AES-CBC used both AES encrypt and decrypt
>operations.
>
>Russ
>
Russ,
Yes, that point has been made and I concur that, relative to CBC, a
CTR or an OFB mode implementation is simpler because only the encrypt
operation needs be created. I doubt that this will be an issue in the
IPsec context, unless we mandate ONLY CTR, since modes like CBC do
require both encrypt and decrypt codebooks, but your point is correct.
Steve