AES modes #11
Comments
You tell us if there is a demand? :) Which modes, in particular? Most modes are fairly trivial. For CTR modes a different AES implementation approach may be best (in particular one that runs several blocks in parallel can be more efficient) although CTR modes are .. yuck. |
|
libbtc has a CBC implementation based on ctaes (only 256). https://github.com/libbtc/libbtc/blob/master/src/aes256_cbc.c I think there is a demand... I heard of serval developers who are doing (or did) an CBC implementation on top of ctaes. |
|
I believe at least CTR and CBC mode should be included here. It's sort of incomplete and dangerous to use without. |
|
CBC, CFB and CTR would be really nice to have. |
|
SIV perhaps, it would be a shame to support ultra-footgunny CTR and not also support at least something relatively safe. |
|
What's status of this? Still considered a good idea to include some AES modes here, just nobody has time and interest? At my dayjob, we currently are looking for some AES library to use both at server and embedded end and this looks like a good candidate. And if we implement CBC anyway, I might as well send a PR here. |
|
I would gladly include constant-time CBC here. |
8835446 Implement constant time AES CBC (Kristaps Kaupe) Pull request description: Tried to not change anything in existing code, except for making `AES_encrypt()` and `AES_decrypt()` public. Related to #11. ACKs for top commit: sipa: ACK 8835446 gmaxwell: ACK 8835446 Tree-SHA512: aab1b44989610a86458dfa782f99803051ce000ff843c4ac13f3ef9f9e4ec0b3d6cfa72fef12c079af9c9f70167def39b4bc66f3b8d37a1ff14a84562616032a
|
CBC mode is implemented in #14. |
Is there a demand or plan to add various AES modes?
The text was updated successfully, but these errors were encountered: