What's so funny? WAS Re: rotor replacement

[Paul Rubin]

Nick Craig-Wood <nick at craig-wood.com> writes:
> I would hate to see a module which only implemented ECB.  Sure its the
> only operation necessary to build the others out of, but its the least
> secure mode of any block cipher.

It's intended as a building block for other modes.  Most applications
shouldn't use it directly.

> If you don't offer users a choice, then they'll use ECB and just that
> along with all its pitfalls, meanwhile thinking that they are secure
> because they are using AES/DES...

The documentation has to be written somewhat forcefully to tell users
what not to do.  I can help with that.  I've had to do that a lot,
supporting crypto packages in projects where the other programmers
haven't used crypto very much.