From: <fr...@baggins.org>
I have modified your code to use XTS, which I think will achieve what you
want to do:
- It supports random read and write access to your data
- It is standards based so you don't have to make up your own way of
doing things and potentially open yourself up to security issues
- You do not have to store a separate key and/or IV for each of the
records that you want to encrypt
Thank you for your experiment with XTS mode. I got a feeling that it may fit
me. Could you tell me anything you know about the following regarding XTS?
Q1: Is AES-XTS officially supported by OpenSSL 1.0.1? I'm wondering if XTS
is still an experimental feature in OpenSSL, because the file "Changes" in
the OpenSSL 1.0.1 tarball does not refer to XTS.
Please look at crypt/evp/evp_enc.c. The below code fragment in
EVP_CipherInit_ex() does not appear to have support code for XTS.
--------------------------------------------------
if(!(EVP_CIPHER_CTX_flags(ctx) & EVP_CIPH_CUSTOM_IV)) {
switch(EVP_CIPHER_CTX_mode(ctx)) {
case EVP_CIPH_STREAM_CIPHER:
case EVP_CIPH_ECB_MODE:
break;
case EVP_CIPH_CFB_MODE:
case EVP_CIPH_OFB_MODE:
ctx->num = 0;
/* fall-through */
case EVP_CIPH_CBC_MODE:
...
break;
case EVP_CIPH_CTR_MODE:
...
break;
default:
return 0;
break;
}
}
--------------------------------------------------
Q2: Is AES-XTS slower than AES-CBC? Does AES-NI speed up AES-XTS like
AES-CBC?
Thanks.
Regards
MauMau
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
