analysis and implementation of LRW
james hughes
hughejp at mac.com
Mon Jan 22 10:56:06 EST 2007
The IEEE P1619 standard group has dropped LRW mode. It has a
vulnerability that that are collisions that will divulge the mixing
key which will reduce the mode to ECB.
There are new mode, XTS-AES being drafted. At this time no one has
claimed that XTS-AES is patented encumbered. There is a reference
implementation of XES-AES by Brian Gladman (although he calls it XEX).
Additionally, there are three modes for wide block encryption
(treating an entire sector as a single permutation) called
XCB/HCTR, EME*, and TET.
at this time no one has claimed that TET is patented encumbered.
More information about this work group, and their email archive can
be found at
http://ieee-P1619.wetpaint.com
Standard caveat applies to implementing non-ratified standards that
things will change.
Jim
On Jan 15, 2007, at 8:49 PM, Roland Dowdeswell wrote:
> In the last couple of days I have been considering implementing an
> LRW mode for CGD (http://www.imrryr.org/~elric/cgd) (CryptoGraphic
> Disk), but I haven't really seen a lot of cryptanalysis of it or
> found the canonical implementation.
>
> Has anyone here done the research? And if it is generally accepted
> as secure, is there a recommendation of an implementation that is
> BSD (or similar) licensed?
>
> Thanks,
>
> --
> Roland Dowdeswell http://www.Imrryr.ORG/
> ~elric/
>
> ---------------------------------------------------------------------
> The Cryptography Mailing List
> Unsubscribe by sending "unsubscribe cryptography" to
> majordomo at metzdowd.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list