[Cryptech Tech] [Cryptech-Commits] [user/sra/aes-keywrap] 01/01: Initial commit of AES Key Wrap implementation.

Peter Gutmann pgut001 at cs.auckland.ac.nz
Wed May 6 11:27:09 UTC 2015


Russ Housley <housley at vigilsec.com> writes:

>While the document does not list authors, I do not agree with the rest of
>your characterization.  I think of AES Key Wrap as an AEAD.  The algorithm
>has been published for a long time.  If someone outside an intelligence
>agency had an attack on this FIPS-approved algorithm, I think they would make
>a name for themselves by publishing it.

Absence of evidence doesn't provide evidence of absence.  It's not just that
there's no analysis showing weakness published, there's simply no analysis at
all published.  We don't even know who wrote the document, it's just an
anonymous PDF found on the NIST web site (it's also not present at the
location given in RFC 3394, you have to Google for it and then follow the link
you get as a result).

So we're supposed to use an anonymous PDF describing an algorithm with no
published analysis found by Googling its name and clicking on whatever link
comes up... that's a pretty dodgy reference.

Peter.


