

Subject: Re: [pkcs11] Proposal: CKM_AES_XTS


On 8/5/2013 1:15 PM, Michael StJohns wrote:
I don't have a problem with this proposal in general, but the reference list needs to be cleaned up.  There are 3 different versions of CTS in NIST SP800-38E

*sigh* misread the reference.  There are three versions of CTS in SP800-38*A*, not 38E.  38E isn't actually a complete spec; it simply references the IEEE standard (but throws in a length limitation).

OK - given that, instead note that the main standard is the IEEE one, and that the NIST version is the same as the IEEE version with the difference of changing a recommendation into a requirement (e.g. the length of the datablock to encrypt is 2^20 AES blocks max).  I'd recommend you note one way or another whether the NIST requirements apply to the PKCS11 implementation so there's no ambiguity.

Sorry for the confusion.  Had CTS from 38A on the brain from discussions with Robert R earlier.

Mike


and I don't have the IEEE standard so I can't tell what's different there.  And I'm pretty sure the NIST document doesn't mention XEX...  so maybe delete the NIST reference and cite the specific section in IEEE 1619 that applies?

Mike


On 7/31/2013 4:55 PM, Oscar K So Jr. wrote:
Proposal: CKM_AES_XTS

This is an encryption/decryption mechanism with a CK_AES key.

AES using XTS, Ciphertext Stealing Mode. IEEE P1619 standard.
It's a non-expanding cipher, meaning the length of the ciphertext is the same as the plaintext,
and the ciphertext is also a MAC.

Reference:
http://en.wikipedia.org/wiki/IEEE_P1619



