[Cryptography] mode of operation for file encryption
Steve Weis
steveweis at gmail.com
Tue Sep 1 18:01:52 EDT 2015
On Tue, Sep 1, 2015 at 8:50 AM, <matic at nimp.co.uk> wrote:
> I need an operation mode for AES with the following properties:
> ...
> So far the best thing I can think of is a kind of extended ECB which I would
> call "ECB with xor" or ECBX:
Making up your own mode is not a good idea. Your made-up mode leaks
information in a Chosen-Plaintext attack to someone who can predict
block indices. Don't use it.
> The application is file encryption done on the fly in a virtual file system
> ...
> I could go for XEX, but I would like to have a good motivation to justify
> the additional GCM operation.
On x86 platforms, AES-GCM is very fast and library support is widely
available. It will certainly not be a bottleneck for a network-backed
virtual filesystem. I would just use GCM.
More information about the cryptography
mailing list