[Cryptography] AES GCM insecure vs OCB1/OCB3 ??
Joachim Strömbergson
joachim at strombergson.com
Thu Feb 18 09:28:07 EST 2021
Aloha!
John-Mark Gurney wrote on 2021-02-17 00:58:
> Paul Wouters wrote this message on Tue, Feb 16, 2021 at 14:37 -0500:
>> On Sat, 13 Feb 2021, Jon Callas wrote:
>>
>>> Use OCB. It's faster and more secure than GCM. It's also now free of all patent issues. I talked to Phil Rogaway about it earlier in the year
>>
>> It would be useful if Rogaway could make a public statement somewhere on
>> this, because as far as I can see, it is still not allowed for IKE/IPsec
>> based on the latest public information I have.
>
> Looks like it's free for any open source and non-military use:
> https://www.cs.ucdavis.edu/~rogaway/ocb/license.htm
No, it is free for any open source _software_. I have implemented it as
an open hardware implementation intended to be released as such. I have
tried to get a response from Rogaway if his license includes hardware.
But so far no response.
--
Med vänlig hälsning, Yours
Joachim Strömbergson
========================================================================
Assured AB
========================================================================
More information about the cryptography
mailing list