3.10.3 Hash Functions ..................................... 26
3.10.4 MAC Algorithms ..................................... 27
3.10.5 Compression Algorithms ............................. 27
- 3.11 SILC Public Key .......................................... 27
+ 3.11 SILC Public Key .......................................... 28
3.12 SILC Version Detection ................................... 30
- 3.13 Backup Routers ........................................... 30
+ 3.13 Backup Routers ........................................... 31
3.13.1 Switching to Backup Router ......................... 32
3.13.2 Resuming Primary Router ............................ 33
- 3.13.3 Discussion on Backup Router Scheme ................. 35
+ 3.13.3 Discussion on Backup Router Scheme ................. 36
4 SILC Procedures ............................................... 36
4.1 Creating Client Connection ................................ 36
4.2 Creating Server Connection ................................ 38
4.7 Channel Message Sending and Reception ..................... 43
4.8 Session Key Regeneration .................................. 43
4.9 Command Sending and Reception ............................. 44
- 4.10 Closing Connection ....................................... 44
+ 4.10 Closing Connection ....................................... 45
4.11 Detaching and Resuming a Session ......................... 45
5 Security Considerations ....................................... 47
6 References .................................................... 48
3.10.1.3 Randomized CBC Mode
The "rcbc" encryption mode is CBC mode with randomized IV. This means
-that each IV for each packet MUST be chosen randomly (same IV is used
-to encrypt all blocks in the given packet). In this mode the IV is
-appended at the end of the last ciphertext block and thus delivered to
-the recipient. This mode increases the ciphertext size by one
-ciphertext block. Note also that some data payloads in SILC are capable
-of delivering the IV to the recipient. When explicitly encrypting these
-payloads with randomized CBC the IV MUST NOT be appended at the end
-of the ciphertext.
+that each IV for each packet MUST be chosen randomly. When encrypting
+more than one block the normal inter-packet chaining is used, but for
+the first block new random IV is selected in each packet. In this mode
+the IV is appended at the end of the last ciphertext block and thus
+delivered to the recipient. This mode increases the ciphertext size by
+one ciphertext block. Note also that some data payloads in SILC are
+capable of delivering the IV to the recipient. When explicitly
+encrypting these payloads with randomized CBC the IV MUST NOT be appended
+at the end of the ciphertext. When encrypting these payloads with
+"cbc" mode they implicitly become randomized CBC since the IV is
+usually selected random and included in the ciphertext. In these
+cases using either CBC or randomized CBC is actually equivalent.
.ti 0
Additional compression algorithms MAY be defined to be used in SILC.
+
.ti 0
3.11 SILC Public Key
The software version MAY be freely set and accepted. The version string
MUST consist of printable US-ASCII characters.
-
Thus, the version strings could be, for example:
.in 6
is defined in [SILC2].
+
+
.ti 0
3.13.3 Discussion on Backup Router Scheme
generated if the SILC_CMODE_PRIVKEY mode is set.
-
.ti 0
4.4 Channel Key Generation
from its own server.
+
.ti 0
4.10 Closing Connection
projects / crypto.git / blobdiff