1996-04-23 - Re: DES as a stream cipher

Header Data

From: “Perry E. Metzger” <perry@piermont.com>
To: “Karl A. Siil” <karl@geoplex.com>
Message Hash: c20bb7c5549a137facadf3f9e1fad1c81a9505f8c2883d9a2648847a1861229e
Message ID: <199604222225.SAA18546@jekyll.piermont.com>
Reply To: <2.2.32.19960422214547.006b636c@geoplex.com>
UTC Datetime: 1996-04-23 03:58:39 UTC
Raw Date: Tue, 23 Apr 1996 11:58:39 +0800

Raw message

From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 23 Apr 1996 11:58:39 +0800
To: "Karl A. Siil" <karl@geoplex.com>
Subject: Re: DES as a stream cipher
In-Reply-To: <2.2.32.19960422214547.006b636c@geoplex.com>
Message-ID: <199604222225.SAA18546@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"Karl A. Siil" writes:
> Folks,
> 
> As this sounds like a previously solved problem, I wanted to find out about
> using DES (or any block cipher) as a stream cipher, i.e., in a manner that
> keeps input and output data length equal.

DES (and other block ciphers) has a couple of modes that let you do
this -- CFB mode and OFB mode come to mind. Their security hasn't been
that well studied to my knowledge. However...

> I don't want to use a true stream cipher, as I want to use the same
> key for multiple messages and stream ciphers tend to place the bulk
> of their overhead in the re-key.

????

> Since stream ciphers have "memory," I would have to "re-key" to the
> same key for each of my messages. I would rather key something like
> DES once and run it in CBC mode or use some other form of IV.

???

You ought to explain your application more clearly; it isn't
necessarily the case that a stream cipher is appropriate for you.

.pm





Thread