Peter Dettman
2013-06-10 11:00:03 UTC
For anyone interested in OCB:
As part of the 1.49 release, we included an implementation of the OCB
mode, based on the current draft spec "draft-irtf-cfrg-ocb-00". There is
also an implementation in the C# build, though as yet unreleased.
It has been brought to my attention that there is some discussion on
CFRG (see
http://www.ietf.org/mail-archive/web/cfrg/current/msg03450.html and the
containing thread) which may lead to a small change that would affect
backward-compatibility for some configurations.
My understanding is that if you use the mode with a full 128-bit TAGLEN,
and supply no more than 15 bytes of IV, then the change suggested in the
link above will not affect the output of the algorithm. Users who wish
to use the mode outside of those parameters would be well-advised to
follow the discussion at that thread, and ensure they understand the
implications of doing so.
Regards,
Pete Dettman
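As an added illustration of the parameter envelope described in the post (this is example code written for this page, not code from the post, the thread, or the Bouncy Castle project itself): the snippet below drives the lightweight-API OCB implementation with a full 128-bit tag and a nonce of at most 15 bytes, and refuses anything outside that envelope up front rather than silently producing output whose definition might change between draft revisions. The class and method names are those of the Bouncy Castle lightweight API as I understand it (OCBBlockCipher with two AES engines, AEADParameters, processAADBytes/processBytes/doFinal); the key, nonce and messages are constructed sample values, not test vectors from the draft. The check itself does not change the algorithm's output in any way; it only rejects configurations the post flags as needing closer attention.

```java
import java.util.Arrays;

import org.bouncycastle.crypto.InvalidCipherTextException;
import org.bouncycastle.crypto.engines.AESEngine;
import org.bouncycastle.crypto.modes.OCBBlockCipher;
import org.bouncycastle.crypto.params.AEADParameters;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.util.encoders.Hex;

public class OcbSafeEnvelope {

    // The envelope the post says is unaffected by the pending draft change:
    // a full 128-bit tag and a nonce no longer than 15 bytes.
    static final int TAG_BITS = 128;
    static final int MAX_NONCE_BYTES = 15;

    // Refuse parameters outside the envelope before any key material is touched.
    static void requireSafeParams(int tagBits, byte[] nonce) {
        if (tagBits != TAG_BITS) {
            throw new IllegalArgumentException("OCB TAGLEN must be " + TAG_BITS + " bits, got " + tagBits);
        }
        if (nonce == null || nonce.length == 0 || nonce.length > MAX_NONCE_BYTES) {
            throw new IllegalArgumentException("OCB nonce must be 1.." + MAX_NONCE_BYTES + " bytes");
        }
    }

    // Returns ciphertext || 16-byte tag, the layout the lightweight AEAD API produces.
    static byte[] seal(byte[] key, byte[] nonce, byte[] aad, byte[] plaintext)
            throws InvalidCipherTextException {
        requireSafeParams(TAG_BITS, nonce);
        OCBBlockCipher ocb = new OCBBlockCipher(new AESEngine(), new AESEngine());
        ocb.init(true, new AEADParameters(new KeyParameter(key), TAG_BITS, nonce));
        ocb.processAADBytes(aad, 0, aad.length);
        byte[] out = new byte[ocb.getOutputSize(plaintext.length)];
        int len = ocb.processBytes(plaintext, 0, plaintext.length, out, 0);
        len += ocb.doFinal(out, len);
        return Arrays.copyOf(out, len);
    }

    // Verifies the tag before returning plaintext: a mismatch surfaces as
    // InvalidCipherTextException from doFinal, so no plaintext is released.
    static byte[] open(byte[] key, byte[] nonce, byte[] aad, byte[] sealed)
            throws InvalidCipherTextException {
        requireSafeParams(TAG_BITS, nonce);
        OCBBlockCipher ocb = new OCBBlockCipher(new AESEngine(), new AESEngine());
        ocb.init(false, new AEADParameters(new KeyParameter(key), TAG_BITS, nonce));
        ocb.processAADBytes(aad, 0, aad.length);
        byte[] out = new byte[ocb.getOutputSize(sealed.length)];
        int len = ocb.processBytes(sealed, 0, sealed.length, out, 0);
        len += ocb.doFinal(out, len);
        return Arrays.copyOf(out, len);
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample values for this example; not vectors from the draft.
        byte[] key = Hex.decode("000102030405060708090a0b0c0d0e0f");
        byte[] nonce = Hex.decode("bbaa99887766554433221100"); // 12 bytes: inside the envelope
        byte[] aad = "header".getBytes("US-ASCII");
        byte[] msg = "attack at dawn".getBytes("US-ASCII");

        byte[] sealed = seal(key, nonce, aad, msg);
        System.out.println("sealed: " + Hex.toHexString(sealed));
        System.out.println("opened: " + new String(open(key, nonce, aad, sealed), "US-ASCII"));

        // Flip one ciphertext bit: the tag check must reject it.
        byte[] tampered = sealed.clone();
        tampered[0] ^= 0x01;
        try {
            open(key, nonce, aad, tampered);
            System.out.println("BUG: tampered ciphertext accepted");
        } catch (InvalidCipherTextException e) {
            System.out.println("tampered ciphertext rejected: " + e.getMessage());
        }

        // A 16-byte nonce lies outside the envelope the post describes and is refused up front.
        try {
            seal(key, Hex.decode("000102030405060708090a0b0c0d0e0f"), aad, msg);
        } catch (IllegalArgumentException e) {
            System.out.println("refused: " + e.getMessage());
        }
    }
}
```

If you need a shorter tag or a longer nonce, the place to relax requireSafeParams is after reading the CFRG thread linked above and pinning down which draft revision your peers implement; until then, keeping the check in place means an interoperability break from the draft change cannot go unnoticed.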