1 / 14

Welcome to the Second Modes of Operation Workshop

Welcome to the Second Modes of Operation Workshop. Goleta, California August 24, 2001. Introductions. Bill Burr Elaine Barker Morris Dworkin Aaron Nelson Vickie Harris Teresa Vicente. We work in the…. STG of the CSD of the NIST, an agency of the TA of the USG’s DoC.

lidia
Download Presentation

Welcome to the Second Modes of Operation Workshop

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Welcome to the Second Modes of Operation Workshop Goleta, California August 24, 2001

  2. Introductions • Bill Burr • Elaine Barker • Morris Dworkin • Aaron Nelson • Vickie Harris • Teresa Vicente

  3. We work in the… • STG of the • CSD of the • NIST, an agency of the • TA of the • USG’s • DoC.

  4. Current Federal Information Processing Standards for Modes • FIPS81: Four DES Confidentiality Modes • ECB • CBC • CFB • OFB • FIPS 113: One DES Authentication Mode • DAA (CBC-MAC) • FIPS 46-3: Approves 7 Triple DES Modes

  5. More on FIPS 46-3 • Approves the modes that are specified in ANSI X9.52. • Seven confidentiality modes of Triple DES: • The analogues of the four DES modes • TECB, TCBC, TCFB, TOFB • Three interleaved/pipelined modes • TCBC-I, TCFB-P, TOFB-I.

  6. With the advent of the AES... • A need to update old modes • accommodate 128 bit block size of the AES • accommodate any current or future approved block ciphers • reflect progress in cryptographic knowledge • An opportunity to consider new modes • suggested at AES conferences

  7. Two Phases • Phase 1: • The straightforward choices for modes • Publish around the same time that the AES FIPS is approved • A NIST Recommendation rather than a FIPS • Phase 2: • Consider new modes

  8. The draft NIST Recommendation • Updates ECB, CBC, CFB, OFB, CBC-MAC for use with any approved cipher • Also specifies CTR mode • Not binding on federal users (unlike FIPSs) • Conformance tests will be developed • Public comments requested by August 31, 2001; send to EncryptionModes@nist.gov.

  9. Agenda for the Workshop • Presentation of modes proposals • Modes for the Internet; other comments • Comments on the draft NIST Recommendation • Where do we go from here?

  10. Schedule of Breaks • 9:00-10:20 Presentations • 10:20-10:40 BREAK • 10:40-12:00 Presentations • 12:00-1:00 LUNCH • 1:00-2:40 Presentations • 2:40-3:00 BREAK • 3:00-5:00 Presentations

  11. Presentations of Modes • Authentication Modes • John Black: XCBC • Antoine Joux: RMAC • Phillip Rogaway: PMAC • Authenticated Encryption Modes • Phillip Rogaway: OCB • Virgil Gligor: XECB*-MAC (authentication only), XECBSC-XOR, XCBC*-XOR; • Charanjit Jutla: IAPM, IACBC

  12. Remaining Proposals • Confidentiality • 2DEM • ABC • KFB (a keystream generator) • Confidentiality and Authentication • PCFB • Hash • AES-hash (requires 256 block size AES)

  13. Comments and Analysis • Matt Blaze and Steve Bellovin: “Cryptographic Modes of Operation for the Internet” • Other comments on modes proposals

  14. Two Devices • Audio tape recording • Microphone

More Related