FUD about CGD and GBDE
Thor Lancelot Simon
tls at rek.tjls.com
Thu Mar 3 21:41:51 GMT 2005
On Thu, Mar 03, 2005 at 10:15:55PM +0100, Poul-Henning Kamp wrote:
>
> And if CGD is _so_ officially approved as you say, then I can not
> for the life of me understand how it can use the same key to generate
> the IV and perform the encryption. At the very least two different
> keys should have been used at the "expense" of making the masterkey
> 512 bits instead of 256.
Why "should" two different keys have been used? It is possible that I
misunderstand the underlying theory, but so far as I do understand it
the only real requirement for IVs is that the Hamming distance between
any two used with the same encryption key be large.
Are you concerned about a key recovery attack? If so, can you give
an outline of how it would work?
--
Thor Lancelot Simon tls at rek.tjls.com
"The inconsistency is startling, though admittedly, if consistency is to be
abandoned or transcended, there is no problem." - Noam Chomsky
More information about the freebsd-hackers
mailing list