OpenSSL/TLS/AES-GCM IV/Key uniqueness compliance with SP800-38D Section 8

All,

We are using OpenSSL 1.0.1e/FIPS 2.0.11 on CentOS6 x86_64 and I have a question about the TLS GCM cipher suites:

Do the TLS GCM suites satisfy the requirements of Section 8 of SP 800-38D?

If I am reading the document right, the following are the requirements therein.


1) The probability that the authenticated encryption function ever will be invoked with the same IV and same key on two (or more) distinct sets of input data shall be no greater than 2^-32.

2) Any GCM key that is established among its intended users shall, with high probability, be fresh.

3) The total number of invocations of the authenticated encryption function shall not exceed 2^32, including all IV lengths and all instances of the authenticated encryption function with the given key.

TIA.
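
An added example, not part of the original post and not OpenSSL code: one way to enforce requirements 1 and 3 above for a single key is a counter-based 96-bit IV generator that refuses to issue an IV once the invocation budget is spent. The type and function names are hypothetical, and the layout (4-byte fixed field followed by an 8-byte counter) is an assumption of this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define GCM_IV_LEN 12
/* Invocation ceiling per key, as quoted in requirement 3 of the post. */
#define GCM_MAX_INVOCATIONS (1ULL << 32)

/* Hypothetical per-key state; create one for every freshly established key. */
typedef struct {
    uint8_t  fixed[4];  /* fixed field (assumed layout: 4 bytes) */
    uint64_t next;      /* invocation field: next counter value */
    uint64_t limit;     /* invocation budget for this key */
} gcm_iv_gen;

/* Start a generator for a new key; the budget is clamped to the ceiling. */
void gcm_iv_init(gcm_iv_gen *g, const uint8_t fixed[4], uint64_t budget) {
    memcpy(g->fixed, fixed, 4);
    g->next = 0;
    g->limit = budget < GCM_MAX_INVOCATIONS ? budget : GCM_MAX_INVOCATIONS;
}

/* Write the next IV. Returns 0, or -1 once the key must be retired. */
int gcm_iv_next(gcm_iv_gen *g, uint8_t iv[GCM_IV_LEN]) {
    if (g->next >= g->limit)
        return -1;                  /* budget spent: rekey, never wrap */
    memcpy(iv, g->fixed, 4);
    for (int i = 0; i < 8; i++)     /* 64-bit counter, big-endian */
        iv[4 + i] = (uint8_t)(g->next >> (56 - 8 * i));
    g->next++;
    return 0;
}

int main(void) {
    const uint8_t fixed[4] = {0x01, 0x02, 0x03, 0x04}; /* constructed sample */
    uint8_t iv[GCM_IV_LEN];
    gcm_iv_gen g;
    gcm_iv_init(&g, fixed, 3);      /* tiny budget to show the refusal */
    while (gcm_iv_next(&g, iv) == 0) {
        for (int i = 0; i < GCM_IV_LEN; i++) printf("%02x", iv[i]);
        printf("\n");
    }
    puts("budget exhausted: establish a fresh key before encrypting again");
    return 0;
}
```

With a counter, an IV cannot repeat under one key as long as the generator state is never reset or restored without also changing the key.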
