Beyond Curve25519

Sun Jan 18 16:20:29 CET 2015

On Sun, 18 Jan 2015 09:25, pgut001 at cs.auckland.ac.nz said:

> way deliberately).  Having it fixed at some point if the spec is
> revised would be good, it'd be nice to be able to support a standard
> mode without having to add all sorts of ad-hoc handling for what PGP
> does.

FWIW: The SYNC bug-feature is not used if MDC is in use.  We use CFB128
for all ciphers with a blocklength of 128.

> (Phil Rogaway has offered to make OCB mode freely usable for TLS, if he would 
With that in mind I added OCB to Libgcrypt last week.  For free
implementations it is thus no problem to replace CFB+MDC-hack by OCB.  I
am not sure how the free OCB licenses relate to the use of an LGPLed
library in a military application - but to me that is more a feature
than a problem.

Another reasons to re-establish the OpenPGP WG.

Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.