[cryptography] Tigerspike claims world first with Karacell for mobile security
noloader at gmail.com
Thu Dec 27 13:46:40 EST 2012
On Thu, Dec 27, 2012 at 1:35 PM, Ben Laurie <ben at links.org> wrote:
> On Thu, Dec 27, 2012 at 9:18 AM, Russell Leidich <pkejjy at gmail.com> wrote:
>> there are plenty of Googleable papers showing the Counter Mode is weak
>> relative to (conventional) cipher-block-chaining (CBC) AES.
> Really? For example?
I believe CTR mode is especially sensitive to key/nonce reuse. But you
don't see the problem until you look at messages over time and space.
Confer: CTR mode uses a predictable counter, while CBC mode uses a
random (not unique) IV.
I could be wrong since I'm working from memory (it sucks getting old).
I'd need to get into the literature to give you anything useful
More information about the cryptography