issue with EVP_EncryptUpdate in XTS mode?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



I was doing some comparisons of XTS and GCM mode using the EVP APIs and found a discrepancy that seems to be an issue with XTS.

In GCM mode if the buffer is encrypted in one call to EVP_EncryptUpdate or with several calls with smaller buffers the resulting ciphertext is the same, as I would expect.   With XTS mode, calling EVP_EncryptUpdate results in the same ciphertext for the same plaintext and does not match the results when the buffer is encrypted with one call to EVP_EncryptUpdate.

I would expect that the counter is incremented in both XTS and GCM mode in the same way and that in both cases the output would match regardless of the encryption block size.

A simple repro test is attached.    If you run it you can see that the output "GCM in one block" matches the output for "GCM in 16 byte blocks" and the outputs do not match for XTS.

I am using OpenSSL v1.02p but I have tried with other versions and got the same results.

Am I misunderstanding the use of XTS mode or is this an issue with OpenSSL?

Thanks!

Attachment: xtsgcmtest.c
Description: Binary data

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux