| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 4 Dec 2020 11:03:47 -0500
From: Bruce Fields <bfields@...ldses.org>
To: David Howells <dhowells@...hat.com>
Cc: Chuck Lever <chuck.lever@...cle.com>,
CIFS <linux-cifs@...r.kernel.org>,
Linux NFS Mailing List <linux-nfs@...r.kernel.org>,
Herbert Xu <herbert@...dor.apana.org.au>,
netdev@...r.kernel.org, linux-kernel@...r.kernel.org,
Trond Myklebust <trond.myklebust@...merspace.com>,
linux-crypto@...r.kernel.org, linux-fsdevel@...r.kernel.org,
linux-afs@...ts.infradead.org
Subject: Re: Why the auxiliary cipher in gss_krb5_crypto.c?
On Fri, Dec 04, 2020 at 04:01:53PM +0000, David Howells wrote:
> Bruce Fields <bfields@...ldses.org> wrote:
>
> > > Reading up on CTS, I'm guessing the reason it's like this is that CTS is the
> > > same as the non-CTS, except for the last two blocks, but the non-CTS one is
> > > more efficient.
> >
> > CTS is cipher-text stealing, isn't it? I think it was Kevin Coffman
> > that did that, and I don't remember the history. I thought it was
> > required by some spec or peer implementation (maybe Windows?) but I
> > really don't remember. It may predate git. I'll dig around and see
> > what I can find.
>
> rfc3961 and rfc3962 specify CTS-CBC with AES.
OK, I guess I don't understand the question. I haven't thought about
this code in at least a decade. What's an auxilary cipher? Is this a
question about why we're implementing something, or how we're
implementing it?
--b.
Powered by blists - more mailing lists