[dm-devel] [PATCH] crypto/arc4: convert this stream cipher into a block cipher
Herbert Xu
herbert at gondor.apana.org.au
Mon Feb 22 00:52:17 UTC 2010
On Mon, Feb 22, 2010 at 08:45:47AM +0800, Herbert Xu wrote:
>
> How about this? You extend the IV by one more byte, and use that
> byte as a boolean flag to indicate whether the IV is valid. All
> users that cannot supply their own IVs can then set the IV to zero.
>
> When you see the zero flag in the IV, you reinitialise the IV per
> the key.
In fact for arc4 we could just drop the key altogether since it
plays no part after setting the initial state.
> > salsa also does not stick to plan here. ctx->input[6-9] is initialized
> > in encrypt() path. So two threads sharing a ctx are going to clobber
> > their state.
>
> Salsa should also be fixed.
For Salsa on the other hand the key is rather useful since all
we need is a two-byte IV that's just a sequence number.
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
More information about the dm-devel
mailing list