W3C home > Mailing lists > Public > public-webcrypto@w3.org > September 2012

Re: Support for ECB

From: Wan-Teh Chang <wtc@google.com>
Date: Wed, 5 Sep 2012 15:03:04 -0700
Message-ID: <CALTJjxFHWR8FwMGQBTikBZUrz1gkputpfE3XjYtC5NPr1fWQKw@mail.gmail.com>
To: public-webcrypto@w3.org
Ryan already summarized my reactions to this proposal in his email,
but it seems useful for me to state them for official record.

1. The design of the Web Crypto API shows a desire to promote good
crypto practices. Exposing the ECB mode runs counter to this design
philosophy.

2. One reason we're considering providing the ECB mode is the
difficulty of specifying the CTR mode parameters that support every
counter incrementing function. I think the CTR mode parameters
specified in the draft are sufficient in practice. Does anyone know of
a protocol that puts the block counter in the high-order bits? Using
LFSR to increment the block counter is attractive to hardware
implementations, but seems awkward for software.

In summary, I would not object to exposing the ECB mode, but I don't
see a strong need for it. In particular, exposing the ECB mode should
not be our way to avoid specifying the CTR mode.

Wan-Teh
Received on Wednesday, 5 September 2012 22:03:31 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Wednesday, 5 September 2012 22:03:32 GMT