I am in learning mode and have been looking into CTR.
Based on the fact that CTR does not require the plaintext to
be a multiple of the blocksize nor is padding required,
should I use cipher.c routines (as xcbc does) instead
of blkcipher.c routines (as cbc does)?
(I've been referencing rfc 3686.)
If it is possible to receive plaintext < blocksize in CTR...
then, wouldn't blkcipher_walk_virt() result in error because
walk->total < blocksize. (Error would occur in blcipher_walk_next.)
Regards,
Joy
Joy Latten <[email protected]> wrote:
> I am in learning mode and have been looking into CTR.
> Based on the fact that CTR does not require the plaintext to
> be a multiple of the blocksize nor is padding required,
> should I use cipher.c routines (as xcbc does) instead
> of blkcipher.c routines (as cbc does)?
> (I've been referencing rfc 3686.)
CBC is the correct model to follow. For our purposes you
will only get multiples of blocks. The only difference
is that unlike CBC you can chop bits off the last block
of plain text and the same bits will be chopped off in
the cipher text.
With CBC chopping off bits in either changes the other one
entirely.
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
On Fri, 2007-08-17 at 10:19 +0800, Herbert Xu wrote:
> Joy Latten <[email protected]> wrote:
> > I am in learning mode and have been looking into CTR.
> > Based on the fact that CTR does not require the plaintext to
> > be a multiple of the blocksize nor is padding required,
> > should I use cipher.c routines (as xcbc does) instead
> > of blkcipher.c routines (as cbc does)?
> > (I've been referencing rfc 3686.)
>
> CBC is the correct model to follow. For our purposes you
> will only get multiples of blocks. The only difference
> is that unlike CBC you can chop bits off the last block
> of plain text and the same bits will be chopped off in
> the cipher text.
>
ok, that is good, I started out following CBC model and will continue.
Just to make sure I understand correctly,
our plaintext will be a multiple of the blocksize,
therefore it may be padded, right?
Also, since it is a multiple, I don't have to worry about last
block of plaintext being less than blocksize and truncating
the keystream or ciphertext, right?
Thanks.
Joy
> With CBC chopping off bits in either changes the other one
> entirely.
>
> Cheers,
On Fri, Aug 17, 2007 at 02:54:52PM -0500, Joy Latten wrote:
>
> Just to make sure I understand correctly,
> our plaintext will be a multiple of the blocksize,
> therefore it may be padded, right?
Yes but the padding is something for the user to worry about
and shouldn't concern you.
> Also, since it is a multiple, I don't have to worry about last
> block of plaintext being less than blocksize and truncating
> the keystream or ciphertext, right?
Yes.
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt