Camellia project proposal
Luke Howard
lukeh at padl.com
Tue Dec 8 14:59:57 EST 2009
> Luke has previously done an implementation of AES-CCM which could
> probably be adapted to the current crypto library and Camellia without
> too much effort. That option would require more careful theoretical
> review than a CBC or CTS mode enctype, because of our lack of
> familiarity with AEAD modes. (For instance, I didn't see any key
> derivation going on in the aescbc keyhash provider in Luke's code, and
> Sam didn't think that was safe.)
Do you mean using a separate key for the CBC MAC to that used for
encryption? I thought about that, but then we would no longer be
compliant with NIST SP800-38C. And I figure NIST know more about
cryptography than I.
-- Luke