
Questions tagged [gcm]

The Galois Counter Mode, an authenticated encryption mode of operation for a block cipher.

3 votes
0 answers
111 views

I'm looking at using AES-256-GCM to encrypt data at rest (in a database) with logged-in user IDs (among possibly other things) as the authenticated data. I'd like the application to (eventually) ...
ManRow
  • 373
0 votes
1 answer
131 views

I'm making an online Client-Server game where upon a client's connection a sessionKey is generated by the server and exchanged securely under TLS during authentication, so that the client can also ...
desynchedneo
6 votes
1 answer
968 views

According to the NIST spec of GCM (p. 15), the pre-counter block is $J_0 = IV || 0^{31} || 1$ when a 96-bit IV is used. My question is: Why is $J_0$ not $IV || 0^{32}$? This would increase plaintext ...
Moritz Höppner
0 votes
1 answer
104 views

I'm learning about block cipher operation modes and have a small question. I am listening to a lecture recording that casually mentions that when using Galois Counter Mode with AES over the internet (...
Joshua Schroijen
0 votes
1 answer
95 views

I lost an encryption key and therefore probably lost some files for good, but the program I used to encrypt files was something I wrote myself, so I'm wondering if there are mistakes I could use to ...
Rob N
  • 133
1 vote
1 answer
988 views

I am trying to run an "openssl enc" command: openssl enc -aes-128-ccm -k "xxxx...xxx" -P -md sha256 and I am getting: ...
jstack100
  • 111
0 votes
1 answer
382 views

I have read multiple times that data encrypted with the AES-GCM scheme fails catastrophically if you reuse the IV in different instances, leaking the XOR table (to my understanding this means no key ...
Reaper
  • 103
0 votes
0 answers
53 views

I am trying to implement a GF128 multiplier using the KOA (Karatsuba-Ofman Algorithm) approach. I have already implemented the KOA multiplier, but I am wondering if its output is the same as the ...
talha mahboob
0 votes
0 answers
81 views

I'm implementing a mobile VPN product based on AES-GCM that should be resistant against fingerprinting the movements of mobile nodes. A difficulty is that the mobile nodes may not have the best ...
juhist
  • 1,643
1 vote
0 answers
210 views

Referring to this thread: using different IV and SALT with AES-CBC but same KEY I am in a similar situation to the one exposed, namely that I need to use AES to encrypt data, however, I cannot ...
Marc Alves
1 vote
0 answers
103 views

I have written the Python implementation below based on this AES-GCM spec document and the paper referenced within. The latter had some significant changes compared to its initial draft. I know my ...
bushrat
  • 11
1 vote
1 answer
274 views

I am developing a row level database encryption scheme. Ideally I would not do this and instead rely on something vetted, but I haven't been able to find such a scheme online. My primary concerns are: ...
Daniel
  • 11
5 votes
1 answer
476 views

I want to use AES-GCM-SIV for authenticated encryption of messages in my protocol. Since it is a wireless protocol I want to transmit as few bytes as possible. For successful decryption I need to ...
Karsten
  • 151
3 votes
1 answer
338 views

In my current project we will have to encrypt a lot of S3 objects (a few billions) with AWS KMS. Our security department requires that we use KMS keys backed by CloudHSM. But since CloudHSM incurs ...
Florian
  • 31
1 vote
1 answer
174 views

While examining the initial GCM specification by McGrew and Viega in 2005, it appears that the formation of the 128-bit Initialization Vector by combining a 96-bit nonce and a 32-bit unsigned wrapping ...
xyz
  • 21
