(parent: 16ad846)
Change acknowledgements.
master
author Mark Wooding <mdw@distorted.org.uk> Wed, 1 Nov 2006 15:16:20 +0000 (15:16 +0000)
committer Mark Wooding <mdw@distorted.org.uk> Wed, 1 Nov 2006 15:16:20 +0000 (15:16 +0000)
modes.tex
diff --git
a/modes.tex
b/modes.tex
index
2f986ea
..
3f2ffec
100644
(file)
--- a/
modes.tex
+++ b/
modes.tex
@@
-1753,6
+1753,10
@@
definition characterizes these kinds of `bad' IVs.
For all $\ell > 0$ and $t < \ell$, the string $0^{\ell-1} 1$ does not
$t$-slide.
\end{remark}
For all $\ell > 0$ and $t < \ell$, the string $0^{\ell-1} 1$ does not
$t$-slide.
\end{remark}
+
+%% Thinking about the probability that a random l-bit string t-slides...
+%%
+%%
\subsection{Security of CFB mode}
\subsection{Security of CFB mode}
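Review bot: The three added comment lines before \subsection{Security of CFB mode} are a stub: one line announcing a thought about the probability that a random l-bit string t-slides, followed by two empty %% lines with no content. The commit message mentions only the acknowledgements, so this is an unrelated change riding along. Either finish the note or mark it clearly as a TODO, and consider committing it separately so the history of the sliding-IV remark stays easy to follow.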
@@
-2301,8
+2305,10
@@
wait, or I'll have to drop this bit.
\section{Acknowledgements}
\section{Acknowledgements}
-Thanks to Clive Jones for his suggestions on notation, and his help in
-structuring the proofs.
+Thanks are due to David Wagner for pointing me at \cite{Alkassar:2001:OSS}
+and warning me of the dangers of sliding IVs in CFB mode. Thanks also to
+Clive Jones for his suggestions on notation, and his help in structuring the
+proofs.
%%%----- That's all, folks --------------------------------------------------
%%%----- That's all, folks --------------------------------------------------
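Review bot: The new \cite{Alkassar:2001:OSS} in the acknowledgements needs a matching bibliography entry, and this diff touches only modes.tex, so it is worth confirming that the key already resolves; otherwise the reference will render as an undefined citation. Using the bare citation as the object of "pointing me at" also reads awkwardly in print, so naming the paper or its authors and placing the citation after that would be clearer.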