Hello,
2018-01-04 16:02 GMT+03:00 Niels Möller nisse@lysator.liu.se:
Nikos Mavrogiannopoulos n.mavrogiannopoulos@gmail.com writes:
Niels what do think about CFB8?
If there applications for it, it makes sense to add it. My main question is, should it be a separate set of functions, or should we make the reasonably straightforward extension to cfb_encrypt and cfb_decrypt so that passing length == 1 implies cfb8? All needed, if I remember the earlier discussion, is to add the appopriate iv update to the
if (left > 0) { .... }
blocks at the end of these functions. This has the advantage that we get support for CFBn for any 0 < n < block size, more or less for free.
Well, it's not for free. This will require an additional CFB parameter (chunk size). Also code will be much more complicate. I'd prefer to have separate cfb8_* functions. They are simple and clean enough.
What's samba's usecase for CFB8? As far as I understand, CFB8 (or small-symbol CFB in general) makes sense only when one needs to encrypt and transmit each byte before the next cleartext byte becomes available.
Not really. It's just another 'strange' block mode. Compare it to CFB1, where each bit requires new block encipherment (and IV update).