MemeStreams | MemeStreams Discussion

Create an Account

This page contains all of the posts and discussion on MemeStreams referencing the following web page: NIST -- New Encryption Modes. You can find discussions on MemeStreams as you surf the web, even if you aren't a MemeStreams member, using the Threads Bookmarklet.

NIST -- New Encryption Modes
by bucy at 5:09 pm EDT, Oct 13, 2003

NIST is trying to update the venerable set (CBC/OFB/CFB/counter) of encryption modes. Some of the new ones provide "authenticated encryption," i.e. the equivalent of encryption and MACing with one key and significantly less cost than encrypt-then-MAC.

In light of Vaudenay's CBC padding attack, authenticated encryption seems prudent.

RE: NIST -- New Encryption Modes
by Decius at 3:30 pm EDT, Oct 21, 2003

bucy wrote:
]
] NIST is trying to update the venerable set
] (CBC/OFB/CFB/counter) of encryption modes. Some of the new
] ones provide "authenticated encryption," i.e. the equivalent
] of encryption and MACing with one key and significantly less
] cost than encrypt-then-MAC.
]
] In light of Vaudenay's CBC padding attack, authenticated
] encryption seems prudent.

Has there been any survey of the field here? Are these all acceptable from a security standpoint? Are they all useful in particular circumstances? Is there anyone who has written a paper which sorts them out and explains whats good for what?