[Cryptech Tech] AES SIV mode for key wrapping?

Russ Housley housley at vigilsec.com
Tue Mar 17 13:21:59 UTC 2015

Previous message (by thread): [Cryptech Tech] AES SIV mode for key wrapping?
Next message (by thread): [Cryptech Tech] AES SIV mode for key wrapping?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

SIV is seeing almost no uptake.  AES KEY-WRAP is preferred.

Russ


On Mar 17, 2015, at 5:36 AM, Rob Austein wrote:

> So our roadmap (under construction, but also under discussion today)
> lists AES as a requirement for key wrapping for HSM backup.
> Specifically, it lists SIV mode, which is one I hadn't heard of until
> now.  RFC 5297 is interesting, but I'm not competent to have an
> opinion on crypto at this level.
> 
> Crypto guys (Russ, PeterG, etc), please confirm that SIV is the mode
> we should be using for this, or tell us what we should use instead.
> 
> Is SIV also an appropriate mode to use for the encrypted key store
> within the HSM?
> _______________________________________________
> Tech mailing list
> Tech at cryptech.is
> https://lists.cryptech.is/listinfo/tech

Previous message (by thread): [Cryptech Tech] AES SIV mode for key wrapping?
Next message (by thread): [Cryptech Tech] AES SIV mode for key wrapping?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Tech mailing list