W3C home > Mailing lists > Public > public-webcrypto@w3.org > September 2012

Re: Support for ECB

From: Emily Stark <estark@MIT.EDU>
Date: Thu, 13 Sep 2012 12:41:57 -0400
Message-ID: <CANaV9UyiEc1hEcP5Y1srmKbMLHu09iTe1-ZAkThETf0GRMdQ1A@mail.gmail.com>
To: Zooko Wilcox-OHearn <zooko@leastauthority.com>, sleevi@google.com
Cc: public-webcrypto@w3.org
I can't find discussion on the mailing list about the unsafe namespace idea
(maybe my search skills are failing me) -- are there arguments against it?


On Thu, Sep 13, 2012 at 12:17 PM, Zooko Wilcox-OHearn <
zooko@leastauthority.com> wrote:

> On Tue, Sep 11, 2012 at 12:15 PM, Ryan Sleevi <sleevi@google.com> wrote:
> >
> > To bootstrap any of the following modes with suitable performance
> > characteristics:
> >
> > CTR || CCM (which starts with CTR) || GCM (which starts with CTR)
>
> I don't understand how a situation could arise where a programmer
> would need to use ECB mode to implement these (or for any other
> purpose). It seems like that situation would arise only if the
> underlying platform offered ECB mode but not CTR mode. But why don't
> we just discourage implementors from offering ECB mode and encourage
> them to offer CTR mode? (And, as previously suggested, encourage them
> to offer an AES block-encryption function that operates on only a
> single block.)
>
> Regards,
>
> Zooko Wilcox-O'Hearn
>
> Founder, CEO, and Customer Support Rep -- Least Authority Enterprises
>
> https://leastauthority.com
>
>
Received on Thursday, 13 September 2012 16:42:29 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 13 September 2012 16:42:30 GMT