From: Herbert Xu Subject: Re: CTS (cipher text stealing mode) and short packets Date: Tue, 30 Sep 2008 22:33:19 +0800 Message-ID: References: Cc: kwc@citi.umich.edu, linux-crypto@vger.kernel.org To: russ.dill@gmail.com (Russ Dill) Return-path: Received: from rhun.apana.org.au ([64.62.148.172]:55893 "EHLO arnor.apana.org.au" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1752599AbYI3Od2 (ORCPT ); Tue, 30 Sep 2008 10:33:28 -0400 In-Reply-To: Sender: linux-crypto-owner@vger.kernel.org List-ID: Russ Dill wrote: > > I worked with this a bit, and since the IV has to be modified, it was > just easier to check for nbytes less than or equal to block size in my > own code and then back up src/dest pointers by iv_size and increase > the size by iv_size. (My IV is prepended to my data). On decryption I > do something similar by adding a buffer for the output of the IV. I suggest that we fix the CTS algorithm (i.e., give it a block size of 1 instead of whatever it is now, plus make it work properly for input equal or less than a block), and then implement RFC3962 on top of it. Cheers, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt