Re: Updated IV for XTS

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am Freitag, 8. September 2017, 12:47:54 CEST schrieb Harsh Jain:

Hi Harsh,

> Hi,
> 
> XTS template does not seems updating the IV after request completion. Same
> output if we run belwo command in loop
> 
> [root@heptagon test]# ./kcapi -x 1 -d 4 -s  -e -c "xts(aes)" -i
> 7fbc02ebf5b93322329df9bfccb635af -k
> 8d7dd9b0170ce0b5f2f8e1aa768e01e91da8bfc67fd486d081b28254c99eb423 -p `perl
> -e 'print "e" x  32'` 4ea328cd5b10d0cb3bbc7ab92d54072d
> 4ea328cd5b10d0cb3bbc7ab92d54072d
> 4ea328cd5b10d0cb3bbc7ab92d54072d
> 4ea328cd5b10d0cb3bbc7ab92d54072d
> 
> Is IV update not required for XTS as we did for cbc,ctr mode.
> 
> Regards
> Harsh Jain

Hm, are you sure you sent the right command?

../bin/kcapi -x 1 -d 4 -s  -e -c "xts(aes)" -i 
7fbc02ebf5b93322329df9bfccb635af -k 
8d7dd9b0170ce0b5f2f8e1aa768e01e91da8bfc67fd486d081b28254c99eb423 -p `perl -e 
'print "e" x  32'`
4ea328cd5b10d0cb3bbc7ab92d54072d
24c7c1967a3768a17ff0afe976381a79
5b23fff5d3a5c75090229e5b9ad807e7
ffc8927be32448f2ba67bbe6e0087805

vs

../bin/kcapi -x 1 -d 4 -e -c "xts(aes)" -i 7fbc02ebf5b93322329df9bfccb635af -k 
8d7dd9b0170ce0b5f2f8e1aa768e01e91da8bfc67fd486d081b28254c99eb423 -p `perl -e 
'print "e" x  32'`
4ea328cd5b10d0cb3bbc7ab92d54072d
4ea328cd5b10d0cb3bbc7ab92d54072d
4ea328cd5b10d0cb3bbc7ab92d54072d
4ea328cd5b10d0cb3bbc7ab92d54072d


The key difference is the -s -- the stream mode.

Note that only the stream mode API of libkcapi "keeps the cipher handle open" 
(i.e. and thus the state).

The "one-shot" API does one complete cipher operation and kills the state.

See http://www.chronox.de/libkcapi/html/Usage.html#idm140613614152864 for 
details.

Ciao
Stephan



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux