[Cryptography] [Crypto-practicum] Justify the sequence of operations in CTR mode.

Bill Cox waywardgeek at gmail.com
Fri Feb 12 18:16:49 EST 2016


On Fri, Feb 12, 2016 at 12:50 PM, Ray Dillinger <bear at sonic.net> wrote:

>
>
> You have a good point and you've convinced me of a necessary
> revision of CXR - but the notion of "unintentional" is really
> really funny when dealing with security.  You know that if CXR
> as I first proposed it were to be deployed, this would happen
> immediately and it would be as intentional as all getout.
>
> But now we have to use a hash function on the counter, or at
> least a nonlinearity of some kind, so the operation has gotten
> significantly more expensive dangit.
>
>
You can use an ultra-fast randomized hash function because the key is
unknown to the attacker.

Bill
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160212/aa99aa08/attachment.html>


More information about the cryptography mailing list