Re: AES cipher suites

["Scott G. Kelly" <scott@xxxxxxxxxxxxxxxxxx>]

There are issues of backward compatibility: there are (recently) fielded
devices which contain hardware support for aes-cbc and not aes-ctr. Are
we to require vendors to forklift these devices?

Scott

Black_David@xxxxxxx wrote:
> 
> > Why do you need both?  What problem does AES-CBC solve that AES-CTR
> > doesn't?  It looks to me like AES-CTR is likely to be good enough for
> > everything that AES-CBC is good enough for -- but then, I'm
> > not familiar with ips.  What am I missing?
> 
> Nothing - ips only needs AES-CTR.  If that's adequate for everyone
> who wants to use AES, then AES-CBC is not needed, but I can't draw
> that conclusion solely based on what IPS envisions ... anyone who
> wants/needs AES-CBC even if AES-CTR is present needs to speak up
> promptly.
> 
> Thanks,
> --David
> 
> > -----Original Message-----
> > From: daw@xxxxxxxxxxxxxxxxxxxxxx [mailto:daw@xxxxxxxxxxxxxxxxxxxxxx]
> > Sent: Saturday, January 11, 2003 3:31 PM
> > To: ipsec@xxxxxxxxxxxxxxxxx
> > Subject: Re: AES cipher suites
> >
> >
> > David Black wrote:
> > >On behalf of the IP Storage (ips) folks who are depending on AES
> > >counter mode, I want to make a strong request for specification of
> > >*both* an AES-CBC suite and an AES-CTR suite.  IPS's use of AES-CTR
> > >is motivated by a desire to build high-speed hardware.  While AES-CTR
> > >is the "right thing" for that class of implementation, I'm reluctant
> > >to impose it on everyone who wants to use AES by not defining an
> > >AES-CBC suite.
> >
> > Why do you need both?  What problem does AES-CBC solve that AES-CTR
> > doesn't?  It looks to me like AES-CTR is likely to be good enough for
> > everything that AES-CBC is good enough for -- but then, I'm
> > not familiar
> > with ips.  What am I missing?
> >