[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: AES cipher suites

To: daw@xxxxxxxxxxxxxxxxxxxxxx, ipsec@xxxxxxxxxxxxxxxxx
Subject: RE: AES cipher suites
From: Black_David@xxxxxxx
Date: Mon, 13 Jan 2003 11:36:56 -0500
Sender: owner-ipsec@xxxxxxxxxxxxxxxxx

> Why do you need both?  What problem does AES-CBC solve that AES-CTR
> doesn't?  It looks to me like AES-CTR is likely to be good enough for
> everything that AES-CBC is good enough for -- but then, I'm 
> not familiar with ips.  What am I missing?

Nothing - ips only needs AES-CTR.  If that's adequate for everyone
who wants to use AES, then AES-CBC is not needed, but I can't draw
that conclusion solely based on what IPS envisions ... anyone who
wants/needs AES-CBC even if AES-CTR is present needs to speak up
promptly.

Thanks,
--David

> -----Original Message-----
> From: daw@xxxxxxxxxxxxxxxxxxxxxx [mailto:daw@xxxxxxxxxxxxxxxxxxxxxx]
> Sent: Saturday, January 11, 2003 3:31 PM
> To: ipsec@xxxxxxxxxxxxxxxxx
> Subject: Re: AES cipher suites
> 
> 
> David Black wrote:
> >On behalf of the IP Storage (ips) folks who are depending on AES
> >counter mode, I want to make a strong request for specification of
> >*both* an AES-CBC suite and an AES-CTR suite.  IPS's use of AES-CTR
> >is motivated by a desire to build high-speed hardware.  While AES-CTR
> >is the "right thing" for that class of implementation, I'm reluctant
> >to impose it on everyone who wants to use AES by not defining an
> >AES-CBC suite.
> 
> Why do you need both?  What problem does AES-CBC solve that AES-CTR
> doesn't?  It looks to me like AES-CTR is likely to be good enough for
> everything that AES-CBC is good enough for -- but then, I'm 
> not familiar
> with ips.  What am I missing?
>

Follow-Ups:
- Re: AES cipher suites
  - From: Scott G. Kelly

Prev by Date: Re: A proposal
Next by Date: Re: Proposed Configuration payload for IKEv2
Previous by thread: Re: AES cipher suites
Next by thread: Re: AES cipher suites
Index(es):
- Date
- Thread