Camellia project proposal
lukeh at padl.com
Tue Dec 8 16:16:29 EST 2009
On 08/12/2009, at 10:04 PM, Luke Howard wrote:
>> No, meaning we need to take the key usage into account for the
>> and the encryption.
> We do. However per the NIST document the same (derived) key is used
> for both. See dk/dk_ccm.c.
> I guess there is a problem if you attempt to use AES CBC as a
> standalone checksum mechanism. I can fix this...
OK, I fixed this in r23459 of aes-ccm, by having AES CBC do its own
key derivation using the same algorithm as DK CCM. Probably can be
cleaned up when forward porting to trunk.
More information about the krbdev