[145307] in cryptography@c2.net mail archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Question w.r.t. AES-CBC IV

daemon@ATHENA.MIT.EDU (David Wagner)
Sat Jul 10 20:46:11 2010

From: David Wagner <daw@cs.berkeley.edu>
To: cryptography@metzdowd.com
Date: Sat, 10 Jul 2010 13:22:23 -0700 (PDT)

Jerry Leichter  wrote:
> CTR mode is dangerous unless you're also doing message authentication,  

Nitpick:

That's true of CBC mode, too, and almost any other encryption mode.
Encryption without authentication is dangerous; if you need to encrypt,
you almost always need message authentication as well.

(I will agree that CTR mode encryption without message authentication
is often even more dangerous than CBC mode encryption without message
authentication, but usually neither is a good idea.)

Setting that minor nitpick aside, the discussion here seems like good
advice.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[145307] in cryptography@c2.net mail archive

Re: Question w.r.t. AES-CBC IV

daemon@ATHENA.MIT.EDU (David Wagner)Sat Jul 10 20:46:11 2010

daemon@ATHENA.MIT.EDU (David Wagner)
Sat Jul 10 20:46:11 2010