[cryptography] 100 Gbps line rate encryption

Nico Williams nico at cryptonector.com
Wed Jul 17 11:45:06 EDT 2013

On Wed, Jul 17, 2013 at 7:42 AM, ianG <iang at iang.org> wrote:
> On 17/07/13 10:50 AM, William Allen Simpson wrote:
> Thing is, you don't just need an encryption algorithm, you also need IV,
> MAC, Padding concepts.  (I agree that using a stream cipher obviates any
> messing Padding needs and the 'mode' choice.)

Choices for dealing with padding:

 - accept padding

 - use a stream cipher

 - use a counter cipher mode (not unlike a stream cipher)

 - use ciphertext stealing modes

Kerberos uses CTS for AES, but it's proven to be painful.

My advice: accept the padding.

More information about the cryptography mailing list