firstname.lastname@example.org Thu Aug 9 07:22:21 2001
Date: Thu, 09 Aug 2001 07:25:34 -0400
From: Robert Shea <email@example.com>
To: firstname.lastname@example.org, email@example.com, firstname.lastname@example.org,
CC: B.Snow@radium.ncsc.mil, email@example.com, firstname.lastname@example.org,
Subject: Dual Counter Mode (DCM)
behalf of Brian Snow, Technical Director, Information Assurance, NSA,
following message is forwarded to the AES Team at NIST:
NSA believes that a license-free high-speed integrity-preserving
of operation is needed for the Advanced Encryption Standard, and was
to submit the “Dual Counter Mode” (DCM) as a participant in the
of AES Modes Workshops sponsored by NIST.
Recently Virgil Gligor and Pompiliu Donescu of the University of
Phillip Rogaway of the UC Davis and Chiang Mai University,
Wagner of Berkeley, and possibly others, have produced results
the secrecy and integrity claims made for DCM. We commend
for their work.
We withdraw the Dual Counter Mode for consideration as a mode of
for AES at this time, while we consider the observations and
ramifications. We believe a license-free high-speed integrity-preserving
of operation is still needed for AES, and will continue to work on this
as well as encourage others to do so.