Encryption and authentication modes
markus reichelt
ml at mareichelt.com
Thu Jul 15 11:32:04 EDT 2010
* james hughes <hughejp at mac.com> wrote:
> If there is no room for or an integrity field, you can look at
> XTS-AES.
> http://csrc.nist.gov/publications/nistpubs/800-38E/nist-sp-800-38E.pdf
A not so well-known statement of said PDF certainly is the following,
especially in light of today's storage device capacities:
"The length of the data unit for any instance of an implementation of
XTS-AES shall not exceed 2^20 AES blocks."
It seems to have made it smartly into openbsd, at least this
commit-info hints it:
http://marc.info/?l=openbsd-cvs&m=121341266715025
--
left blank, right bald
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20100715/7fa8974a/attachment.pgp>
More information about the cryptography
mailing list