[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: New Mechanisms subgroup Part 3 or 4, new AES
Part 3 New AES Mechanism:All these mechanisms are reasonably straight forward, and can be added using standard templated for their type. The first 3 are MACing mechanism. The last is an encryption mechanism.
CKM_AES_GMAC This is a signing mechanism with a CK_AES key. It takes no parameters.Used by IPsec. GCM (Galois/Counter Mode) for Message Authentication Code (MAC). It is a special case of GCM: The MAC is computed on the "Additional Authenticated Data" passed in via the mechanism parameter. There is no plaintext or ciphertext.
Reference: http://en.wikipedia.org/wiki/Galois/Counter_Mode CKM_AES_XCBC_MAC This is a signing mechanism with a CK_AES key. It takes no parameters. Extended CBC mode (Ciphertext Block Chaining) for MAC. RFC 3566. Reference: http://www.ietf.org/rfc/rfc3566.txt CKM_AES_XCBC_MAC_96CKM_AES_XCBC_MAC_96 is a special case used with IPsec. 128-bit result truncated to 96 bits.
CKM_AES_XTSThis is an encryption/decryption mechanism with a CK_AES key. It takes not paramters.
AES using XTS, Ciphertext Stealing Mode. IEEE P1619 standard. It's a non-expanding cipher, meaning the length of the ciphertext is the same as the plaintext, and the ciphertext is also a MAC.
Reference: http://en.wikipedia.org/wiki/IEEE_P1619 -
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]