Академический Документы
Профессиональный Документы
Культура Документы
Counter (CTR)
• a “new” mode, though proposed early on
• similar to OFB but encrypts counter value
rather than any feedback value Counter
• must have a different key & counter value (CTR)
for every plaintext block (never reused)
Oi = EK(i)
Ci = Pi XOR Oi
• uses: high-speed network encryptions
Advantages and Limitations of CTR
• efficiency
– can do parallel encryptions in h/w or s/w Feedback
– can preprocess in advance of need
– good for bursty high speed links
Character-
• random access to encrypted data blocks istics
• provable security (good as other modes)
• but must ensure never reuse key/counter
values, otherwise could break (cf OFB)
XTS-AES Mode
• new mode, for block oriented storage use
– in IEEE Std 1619-2007
• concept of tweakable block cipher
XTS-AES
• different requirements to transmitted data Mode
• uses AES twice for each block per block
Tj = EK2(i) × αj (× and exp. in GF(2128))
Cj = EK1(Pj XOR Tj) XOR Tj
where i is tweak and j is sector no
• each sector may have multiple blocks
Advantages and Limitations of
XTS-AES
• efficiency
– can do parallel encryptions in h/w or s/w
XTS-AES
– random access to encrypted data blocks
Mode • has both nonce & counter
Overview • addresses security concerned related to
stored data