Re: [hybi] AES-128-CTR not much safer, but not fast either

Yuta Kitamura <yutak@chromium.org> Wed, 12 January 2011 08:54 UTC

Hi,

On Mon, Jan 10, 2011 at 9:09 AM, Willy Tarreau <w@1wt.eu> wrote:

> willy@pcw:~/c$ time ./aes-128-ctr-get
> Found the 'GET\n' pattern on the wire after 1608425803 bytes
>

The probability that you get some four-byte data from a random byte sequence
is 1/(256^4) = 1/4294967296 for each byte. Please note that the order of
256^4 is almost the same as the above number. This means that, statistically,
it's quite possible to find a four-byte 'GET\n' sequence (and any other
four-byte sequence) in a few gigabytes of random bytes.

I think your experiment has just shown that the output of AES-128-CTR is
random enough.

I'm sorry if I'm missing your point.

Thanks,
Yuta
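
The arithmetic in the message above, worked as an added example (not part of the original message or of the quoted test program). Assumptions: Python's seeded Mersenne Twister stands in for a uniform keystream such as AES-128-CTR output, and the simulation uses a two-byte pattern so it finishes in seconds; the function names are illustrative.

```python
import math
import random

PATTERN = b"GET\n"      # four-byte pattern from the quoted experiment
OBSERVED = 1608425803   # byte count reported in the quoted output


def prob_within(n_bytes, k):
    """P(a fixed k-byte pattern appears somewhere in n uniform random bytes).

    Treats the n-k+1 start positions as independent trials, a close
    approximation for a pattern that cannot overlap itself.
    """
    p = 256.0 ** -k
    return -math.expm1((n_bytes - k + 1) * math.log1p(-p))


def first_hit(rng, pattern, chunk=1 << 16):
    """Number of bytes drawn from rng until the pattern has fully appeared."""
    keep = len(pattern) - 1          # overlap carried across chunk boundaries
    tail, consumed = b"", 0
    while True:
        buf = tail + rng.getrandbits(8 * chunk).to_bytes(chunk, "little")
        i = buf.find(pattern)
        if i >= 0:
            return consumed - len(tail) + i + len(pattern)
        consumed += chunk
        tail = buf[len(buf) - keep:]


def mean_wait(pattern, trials, seed=2011):
    """Average first_hit over several trials; theory predicts 256**len(pattern)."""
    rng = random.Random(seed)        # stand-in for a uniform keystream
    return sum(first_hit(rng, pattern) for _ in range(trials)) / trials


if __name__ == "__main__":
    print("expected wait for 4 bytes :", 256 ** len(PATTERN))
    print("P(hit within observed run):", round(prob_within(OBSERVED, 4), 3))
    print("simulated 2-byte mean wait:", round(mean_wait(b"T\n", 400)))
    print("theoretical 2-byte wait   :", 256 ** 2)
```

For the reported 1608425803 bytes the first function gives about 0.31, so roughly one run in three over a uniformly random stream would find the pattern at least that early.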