[145338] in cryptography@c2.net mail archive
Encryption and authentication modes
daemon@ATHENA.MIT.EDU (Florian Weimer)
Wed Jul 14 10:36:54 2010
To: Cryptography List <cryptography@metzdowd.com>
From: Florian Weimer <fweimer@bfk.de>
Date: Wed, 14 Jul 2010 08:52:50 +0000
What's the current state of affairs regarding combined encryption and
authentication modes?
I've implemented draft-mcgrew-aead-aes-cbc-hmac-sha1-01 (I think, I
couldn't find test vectors), but I later came across CCM and EAX. CCM
has the advantage of being NIST-reviewed. EAX can do streaming (but
that's less useful when doing authentication). Neither seems to be
widely implemented. But both offer a considerable reduction in
per-message overhead when compared to the HMAC-SHA1/AES combination.
Are there any other alternatives to consider? Are there any traps I
should be aware of when implementing CCM?
--=20
Florian Weimer <fweimer@bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstra=DFe 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
