[prev in list] [next in list] [prev in thread] [next in thread]
List: gnupg-devel
Subject: Re: Standards: IETF WG proposing incompatible despite implementations and objections
From: Jeffrey Walton via Gnupg-devel <gnupg-devel () gnupg ! org>
Date: 2023-04-27 16:44:33
Message-ID: CAH8yC8nWeVVaGkgCh=Jn8rEnf2yZPqwFSWm6G+-TbYfBzypjzQ () mail ! gmail ! com
[Download RAW message or body]
On Wed, Apr 26, 2023 at 8:37 PM Bruce Walzer <bwalzer@59.ca> wrote:
> [...]
> There was a complaint that there were too many block encryption modes
> in one of the earlier drafts. There was OCFB, OCFB-MDC, OCB, EAX, and
> GCM. My understanding was that EAX was only there because of the
> uncertain patent status of OCB. Then GCM was added. The patent status
> of OCB is very clear now and has been for something like 3 years. If
> the process is capable of making substantive changes then EAX should
> be removed by now, thus at least partially reflecting the concern
> about too many block modes.
EAX was one of my favorite modes back in the early 2000s. It had a lot
of benefits with little downside. Cf.,
https://www.cryptopp.com/wiki/AEAD_Comparison .
To play devil's advocate... how does one decrypt an old message or
file encrypted using EAX mode if EAX mode is removed?
If EAX is going to be removed, then there has to be a path forward for
users. I think it is a bad idea to simply cut them off. That's bad
design and bad usability.
Perhaps it would be better to deprecate EAX mode, and suggest it not
be used for new messages. It might even be enforced by making it
runtime configurable, and defaulting to off.
Jeff
_______________________________________________
Gnupg-devel mailing list
Gnupg-devel@gnupg.org
https://lists.gnupg.org/mailman/listinfo/gnupg-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic