Questions tagged [modes-of-operation]
Ways of applying a block cipher to multi-block messages and enabling repeated use without changing the key.
347 questions
2 votes
0 answers
83 views
Can I have a 32-byte nonce XChaCha20 by XORing the counter?
XChaCha20 takes a 192-bit nonce and a 64-bit counter, but I need a 256-bit nonce. Can I simply XOR the 64-bit counter into the bottom of a 256-bit random nonce? This would be analogous to the XCTR mode ...
0 votes
1 answer
122 views
Is this mode of operation likely to be a recipe for unbreakable ciphers?
My basic idea was that one can use a CBC mode of operation, with the file's message digest as an IV: The digest could then either be stored somewhere, or chaffed (dispersed) through the ciphertext, ...
2 votes
0 answers
43 views
Practical applications of a block cipher tweak input
To my mind, there are two go-to uses for a tweak input for a block cipher or mode of operation: A counter to make each block in a sequence of message blocks encrypt differently. A counter for a ...
3 votes
0 answers
65 views
Questions on PRINCE modes
PRINCE is a low-latency 64-bit block cipher designed for/by NXP (I don't know if anyone else uses it). For instance, this dev board FRDM-MCXN947 has the following diagram which shows the internal ...
0 votes
1 answer
103 views
GCM AES over (wireless) internet - why reset counter with every packet?
I'm learning about block cipher operation modes and have a small question. I am listening to a lecture recording that casually mentions that when using Galois Counter Mode with AES over the internet (...
1 vote
0 answers
34 views
Deriving subkeys for a mode of operation
This question concerns any possible single-key block cipher mode of operation that would need two or more "subkeys", derived using the underlying block cipher, for direct invocations of the ...
1 vote
1 answer
125 views
Prefix Free secure PRF Security strength
This question is in regards to "A Graduate Course in Applied Cryptography" by Boneh-Shoup, section 6.4.1 "The CBC prefix-free secure PRF". In the proof for the security strength of ...
0 votes
0 answers
27 views
Security bound of a simple tweakable block cipher mode
This is for understanding when the birthday bound applies in block cipher modes. Suppose that $E(K, X)$/$D(K, X)$ is a block cipher. $T=T_0||T_1||T_2||T_3$ is a tweak value that is twice the ...
1 vote
0 answers
35 views
Maximum message length for an n-bit authentication tag
In the context of AE mode of operation, what is the maximum possible number of blocks that an $n$-bit MAC tag can protect? I'm assuming it's $2^{n / 2}$.
4 votes
0 answers
137 views
OCB design questions and possible simplification from a security perspective
OCB (Offset Codebook Mode) for block ciphers is a very interesting approach to solving authentication with what appears to be the absolute minimal performance impact possible (for AE under a block ...
1 vote
0 answers
56 views
Security of encrypting whitened plaintext with ECB [closed]
Suppose you whiten plaintext with a weak stream cipher (that is not known-plaintext secure) such as the message/key schedule of SHA-2. Using key1 (ex. 512 bits for sha256 schedule). Then encrypt the ...
2 votes
1 answer
308 views
Designing a Block Cipher with a One-Way Function
Block ciphers have several modes of operation. Some of them (ECB, CBC) require that the function used for decryption be invertible. Other modes (CTR, OFB) use the same function for both encryption and ...
1 vote
1 answer
204 views
Reverse engineering black box cryptography
I have a black box system that is doing some encryption that I need to reverse engineer so I can replicate it in new software. I know the input, the output, and the key. An example: Plain text: ...
1 vote
0 answers
54 views
What block cipher mode of operation is "ECB w/VCC"?
L3Harris lists “ECB w/VCC” as a supported AES mode of operation for some of their devices. There seems to be no information on such a mode of operation on the Internet. What could “ECB w/VCC” mean and ...
3 votes
1 answer
136 views
Modifying counter sequence in CTR mode of operation to mitigate IV+Nonce near collision
The CTR mode of operation converts a block cipher into a stream cipher by having it encrypt a series of counter values (which are derived from the nonce+IV). So long as the counter values used with a ...