[Ach] The sad story of lonely AES-CTR
robin.balean at a-trust.at
robin.balean at a-trust.at
Wed Dec 18 09:15:18 CET 2013
The reason is probably because AES-CTR is not an authenticated encryption mode. It just provides encryption.
Robin
-----Ursprüngliche Nachricht-----
Von: ach-bounces at lists.cert.at [mailto:ach-bounces at lists.cert.at] Im Auftrag von Aaron Zauner
Gesendet: Dienstag, 17. Dezember 2013 20:26
An: ach at lists.cert.at List Mailing
Betreff: [Ach] The sad story of lonely AES-CTR
Ohai.
Does anyone know why OpenSSL 1.0.1e supports AES-CTR as block cipher mode but misses AES-CTR completely in ciphersuites?
As it seems Counter Mode never made it to the RFC: http://tools.ietf.org/html/rfc5288
GCM did.
“If my calculations are correct” AES-CTR would be significantly faster than AES-GCM (since openssl speed does not support benching aes-gcm nor aes-ctr I simply went for a complexity comparison - I should maybe write a real test for that as well).
BTW. Ben Laurie commited an exotic chaining mode called IGE to OpenSSL some time ago:
“”"
Infinite Garble Extension (IGE) is a block cipher mode[1]. It has the property that errors are propagated forward indefinitely. Bi-directional IGE (biIGE) propogates errors in both directions: that is, any change to the ciphertext will cause all of the plaintext to be corrupted.
“”"
http://www.links.org/files/openssl-ige.pdf
Aaron
More information about the Ach
mailing list