Subject: Re: FUD about CGD and GBDE
To: Richard Coleman <email@example.com>
From: Poul-Henning Kamp <firstname.lastname@example.org>
Date: 03/03/2005 18:55:16
In message <42274A0C.email@example.com>, Richard Coleman writes:
>For instance, the NIST specification for AES and CCM mode (NIST Special
>Publication 800-38C) specifically states that you must limit the number
>of invocations of the block cipher (specifically AES) to 2^61. Now, I
>realize that is an upper bound. But even after removing several orders
>of magnitude, that leaves a huge amount of material you can encrypt with
>a single key.
>Just throwing out a data point.
This would be much more interesting if you qouted the number they will
say ten and twenty years from now.
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.