Why is blowfish so slow? Other fast algorithms?

David A Wagner daw at beijing.CS.Berkeley.EDU
Tue Jan 23 20:06:35 PST 1996



In article <199601221851.NAA16938 at amsterdam.lcs.mit.edu>,
David Mazieres <dm at amsterdam.lcs.mit.edu> wrote:
> The problem with RC4 is that it works in OFB only.  If I need data
> integrity in the face of known plaintext, I will need to compute a MAC
> in parallel with the encryption which could significantly slow things
> down.

If you want authentication, you must use a crypto-strength MAC.
Encryption (be it RC4, DES, etc.) is not enough.

>        With a block cypher in CFB, I can just re-encrypt the last
> block of data.

False.  CFB has limited error propagation, so if I modify any block
before the next-to-last, it will not show up with your method.



This seems to be a really common error.
If you want message integrity guarantees, you must use a MAC.  Always.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

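Added example, not part of the original message: a Python sketch of the CFB error-propagation point made above, comparing a last-block check with a MAC over the ciphertext. It assumes one reading of "re-encrypt the last block" (append a copy of the final plaintext block and encrypt it too), uses a truncated HMAC-SHA256 as a stand-in block function, and picks HMAC-SHA256 over IV and ciphertext as the MAC; all names, keys and the message are constructed.

```python
import hashlib
import hmac

BLOCK = 16

def E(key, block):
    # Stand-in for a block cipher: CFB only uses the forward direction,
    # so a truncated HMAC-SHA256 is enough to show the mode's behaviour.
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def cfb(key, iv, data, decrypt=False):
    prev, out = iv, b""
    for i in range(0, len(data), BLOCK):
        chunk = data[i:i + BLOCK]
        res = xor(chunk, E(key, prev))
        prev = chunk if decrypt else res   # feedback is always the ciphertext block
        out += res
    return out

def seal_last_block(key, iv, msg):
    # Assumed reading of the quoted scheme: encrypt the final block a second time.
    return cfb(key, iv, msg + msg[-BLOCK:])

def open_last_block(key, iv, ct):
    pt = cfb(key, iv, ct, decrypt=True)
    return pt[-BLOCK:] == pt[-2 * BLOCK:-BLOCK], pt[:-BLOCK]

def seal_mac(enc_key, mac_key, iv, msg):
    ct = cfb(enc_key, iv, msg)
    return ct + hmac.new(mac_key, iv + ct, hashlib.sha256).digest()

def open_mac(enc_key, mac_key, iv, sealed):
    ct, tag = sealed[:-32], sealed[-32:]
    good = hmac.new(mac_key, iv + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        return False, None
    return True, cfb(enc_key, iv, ct, decrypt=True)

def flip_bit(data, index):
    return data[:index] + bytes([data[index] ^ 1]) + data[index + 1:]

# Constructed sample values: fixed keys and a four-block message.
ENC_KEY, MAC_KEY, IV = bytes(range(16)), bytes(range(16, 32)), bytes(16)
MSG = b"PAY 0000100 USD to account 12345memo: invoice 42-- end of order "

if __name__ == "__main__":
    for off in (7, 16, 32, 48):   # one flipped bit in ciphertext block 0, 1, 2, 3
        ok, pt = open_last_block(ENC_KEY, IV, flip_bit(seal_last_block(ENC_KEY, IV, MSG), off))
        mac_ok, _ = open_mac(ENC_KEY, MAC_KEY, IV, flip_bit(seal_mac(ENC_KEY, MAC_KEY, IV, MSG), off))
        print(f"byte {off}: last-block check passes={ok}, plaintext intact={pt == MSG}, MAC passes={mac_ok}")
```

A change to a ciphertext block alters only that plaintext block and the one after it, so edits before the next-to-last message block leave the trailing check intact while the MAC rejects every one of them.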