netbsd-users: Re: cgd: CBC or no CBC

Subject: Re: cgd: CBC or no CBC
To: Florian Stoehr <netbsd@wolfnode.de>
From: Steven M. Bellovin <smb@cs.columbia.edu>
List: netbsd-users
Date: 01/21/2005 14:29:21

In message <Pine.NEB.4.61.0501212008360.195@irina.net.flo>, Florian Stoehr writ
es:
>Hi,
>
>in NetBSD guide: "All three ciphers are used in CBC mode. This means each 
>block is XORed with the previous encrypted block before encryption.".
>
>Is this correct?
>
>I'm not native English, so the original author's text is not easy to 
>unserstand for me. As far as I understand, the text says that each block 
>is encrypted SEPARATELY from any other block - with a different IV each, 
>IV is the encrypted block number encrypted with the same key used for the 
>data.
>
>???
>
>Can someone explain that, please?
>Is the guide wrong here?
>

No, the guide is correct, but it's hard to understand as written.  
There's a graphical picture on slie 27 (page 28) of a cryptography 
tutorial I gave a few months ago; see
http://www1.cs.columbia.edu/~smb/talks/crypto-tut.ps
or http://www1.cs.columbia.edu/~smb/talks/crypto-tut.pdf

		--Prof. Steven M. Bellovin, http://www.cs.columbia.edu/~smb