Determine interest: AES with IGE mode?

Aki Tuomi desteem.org at pi.ip.fi
Tue Sep 29 17:24:52 CEST 2015


On Mon, Sep 28, 2015 at 11:30:42PM +0200, Ben Wiederhake wrote:
> Hello,
> 
> Am 28.09.2015 um 17:14 schrieb Ben Wiederhake:
> >Personally, I now have the choice between implementing it only for
> >libtgl, or implementing it for libgcrypt.
Hi!

While this is very interesting it does lack some use cases, like, why would
someone want to use this instead of CBC.

Also, some notes on your PDF dissertation:

 - You claim it corrupts plaintext on any error in ciphertext, can you provide
   some proof over that.

 - The IGE mode of operation could be explained better, at the moment it's
   quite terse. Same goes for BIGE.

 - "Note that the second part of this chaining sequence appears to be
   incorrectly specified in the original paper.", can you elaborate on
   this claim?

 - is there any research done on this algorithm other than that one paper
   wrote by Donescu and Gligor in 2000?

Regards,
 



More information about the Gcrypt-devel mailing list