Re: [PATCH 4/4] crypto: lmk2/lmk3 cipher block modes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Jan 18, 2010 at 05:52:34PM +0100, Max Vozeler wrote:
>
> The difference is that the IV is derived from the cleartext and
> so is not known before decrypt.
> 
> So decrypt could be described using CBC as, I think:
> 
>  1) CBC decrypt with null IV
>  2) Derive IV based on cleartext of blocks 1..31
>  3) XOR block 0 with IV

Yep, this sounds like the way it should be implemented.
 
> But I'm not sure how to implement it given the difference
> described above. It might look something like this:
> 
>  - Add IV generators "lmk2", "lmk3"
> 
>  - Treat them as "cbc" with null IV internally, then after 
>    decrypt derive IV and xor block 0 with it.
> 
> The second part is why I built this as a mode originally. It
> seemed like it was not belonging in dm-crypt.

OK, I see what you mean.

Let's keep lmk2/lmk3 as separate modes, but implement it as a
wrapper around cbc.  That is, instead of allocating the cipher,
you'd allocate "cbc(cipher)" (as an ablkcipher) and use it to
perform the actual encryption/decryption.

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux