
Re: [P1619-2] EME-2 definition/choice of M1 in middle layer mask update



Colin, I have submitted these two comments for the recirculation sponsor ballot under your name.

Laszlo, feel free to also submit a sponsor-ballot comment if you feel there needs to be a correction/clarification concerning the issue you raised.

Still looking for a volunteer to create a new EME2 test case. 

Thanks,
-Matt

On Thu, Feb 4, 2010 at 11:48 AM, Colin Sinclair <colin@xxxxxxxxxxxxxx> wrote:
Summary:
 
1. Use of M1 (*always*) in middle mixing layer 129th block needs to be clarified on Figure 2. The pseudo-code is however correct.
 
2. Need one additional test vector of length at least 4129 bytes to ensure correct Mi computation for i >= 2.
 
I guess I could verify a new vector... now that I have corrected my understanding!
 
Cheers,
Colin.
-----Original Message-----
From: Matt Ball [mailto:matthew.v.ball@xxxxxxxxx]
Sent: 04 February 2010 17:39
To: P1619-2@xxxxxxxxxxxxxxxxx
Subject: Re: [P1619-2] EME-2 definition/choice of M1 in middle layer mask update

We need to make sure that these comments are included in the outstanding sponsor ballot before it closes.  I can submit these comments as 'Rogue Comments', unless someone else in the sponsor ballot pool would like to submit them instead.  Can someone summarize the issues into a brief list?

The other issue is that if we decide to create additional test vectors, we need a volunteer to produce such test vectors, and another volunteer to independently verify.  Are there any takers for producing the test vectors?

Thanks!
-Matt

On Thu, Feb 4, 2010 at 9:52 AM, Shai Halevi <shaih@xxxxxxxxxxxx> wrote:
> Finally, I'll just reiterate that, from a standards viewpoint, the test
> vector coverage is not good enough, because the longest 2065 bytes vector
> does not test Mi computation or usage for i >= 2, which is different to
> the i=1 computation. It is /necessary/ to have a 258.x block vector to
> get full coverage of the branches of the algorithm.

I agree. -- Shai



--
Thanks!

Matt Ball, Chair, IEEE P1619 Security in Storage Working Group
Staff Engineer, Sun Microsystems, Inc.
500 Eldorado Blvd, Bldg #5 BRM05-212, Broomfield, CO 80021
Work: 303-272-7580, Cell: 303-717-2717


