- From: Joseph Ashwood <jashwood@arcot.com>
- Date: Mon, 18 Jun 2001 15:47:51 -0700
- To: <xml-encryption@w3c.org>
There is a current discussion on the sci.crypt newsgroup regarding my message regarding that ECB may be at least as secure as CBC for some purposes. It's an ongoing discussion and many people have said a great many different things (there are over 60 messages right now). There has been both support for my idea, and challenge to it. The most respectable counterargument comes from David Wagner, he said: "the argument is nonsense. ECB is far less secure than CBC mode, and in his scenario he forgot to consider that there are non-key-recovery attacks on ECB mode that are extremely serious. This invalidates the claim. In my opinion, it would be absurd to use ECB mode. CBC mode is just fine." That conversation has since developed between me and David, and we have both slightly revised our positions. There has been suggestion to use two other modes of operation (counter mode and one other where the name wasn't given). The discussion of what method of attack I meant was briefly discussed. There has been support for my personal opinions, and at least one person who expressed lack of support for my personal opinions. If you are interested in seeing the various sides of the issue as seen by various cryptography folks, both professional and amateur I would encourage you to read the conversation. It began on 6/15/2001 at 2:20PM by Ics Mixmaster Remailer. I gave my word to the group that I would forward any comments that were desired to be forwarded so I will be replying to this message with all of them good or bad that they asked to be forwarded. Joe
Received on Monday, 18 June 2001 18:55:12 UTC