Camellia project proposal

Luke Howard lukeh at
Tue Dec 8 14:59:57 EST 2009

> Luke has previously done an implementation of AES-CCM which could
> probably be adapted to the current crypto library and Camellia without
> too much effort.  That option would require more careful theoretical
> review than a CBC or CTS mode enctype, because of our lack of
> familiarity with AEAD modes.  (For instance, I didn't see any key
> derivation going on in the aescbc keyhash provider in Luke's code, and
> Sam didn't think that was safe.)

Do you mean using a separate key for the CBC MAC to that used for  
encryption? I thought about that, but then we would no longer be  
compliant with NIST SP800-38C. And I figure NIST know more about  
cryptography than I.

-- Luke

More information about the krbdev mailing list