Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.

Authenticating Block Cipher Modes
Galois/Counter Mode (GCM) is a special case. It provides both encryption/decryption and authentication for a set of data. The encryption/decryption uses operations that are equivalent to counter mode, but the authentication mechanism operates on whole blocks of data. For this reason, GCM uses keystreams to encrypt/decrypt data, but the data must also be padded at the end of a set of encryptions/decryptions to generate an authentication tag. GCM can also authenticate a set of data that will not be encrypted. For example, if you have a packet of data with a header and a payload, you could use GCM to authenticate the header and payload with one authentication tag, but only encrypt the payload.

GCM operates on data in a specific order. First, data that is to be authenticated but not encrypted/decrypted is processed. If necessary, this data is padded to the block size. For an encryption, the plaintext is then encrypted and the resulting ciphertext is authenticated. For a decryption, the ciphertext is authenticated and then decrypted into a plaintext. The authenticated ciphertext is also padded. Finally, the lengths of the non-encrypted/decrypted data and the ciphertext are authenticated, and an authentication tag is generated.
GCM Authenticated Data Organization
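The ordering described above (authenticated-only data, padding, ciphertext, padding, then both lengths) can be laid out byte for byte and run through GHASH, the standard GCM authentication function from NIST SP 800-38D. This is an added example, not code from the library this help text documents; the function names and the sample header and ciphertext are assumptions made for illustration.

```python
import struct

BLOCK = 16       # GCM block size in bytes (128 bits)
R = 0xE1 << 120  # reduction constant from NIST SP 800-38D

def pad_block(data: bytes) -> bytes:
    """Zero-pad data up to the next 16-byte boundary (no-op if aligned)."""
    return data + b"\x00" * (-len(data) % BLOCK)

def auth_layout(aad: bytes, ciphertext: bytes) -> bytes:
    """Byte string GCM authenticates, in the order the text describes."""
    # Final block: 64-bit big-endian bit lengths of both fields.
    lengths = struct.pack(">QQ", len(aad) * 8, len(ciphertext) * 8)
    return pad_block(aad) + pad_block(ciphertext) + lengths

def gf_mult(x: int, y: int) -> int:
    """Multiply in GF(2^128) with GCM's bit order (SP 800-38D, Algorithm 1)."""
    z, v = 0, y
    for i in range(128):
        if (x >> (127 - i)) & 1:  # bit i of x, counted from the left
            z ^= v
        v = (v >> 1) ^ R if v & 1 else v >> 1
    return z

def ghash(h: bytes, aad: bytes, ciphertext: bytes) -> bytes:
    """Run GHASH over the padded layout, one whole block at a time."""
    h_int, y = int.from_bytes(h, "big"), 0
    data = auth_layout(aad, ciphertext)
    for off in range(0, len(data), BLOCK):
        y = gf_mult(y ^ int.from_bytes(data[off:off + BLOCK], "big"), h_int)
    return y.to_bytes(BLOCK, "big")

def demo() -> bytes:
    # Constructed sample: 5-byte header (authenticated only), 20-byte ciphertext.
    header, ct = b"HDR01", bytes(range(20))
    layout = auth_layout(header, ct)
    for off in range(0, len(layout), BLOCK):
        print(layout[off:off + BLOCK].hex())  # one authenticated block per line
    return layout

if __name__ == "__main__":
    demo()
```

In full GCM the GHASH output is then XORed with the encrypted initial counter block to form the tag; that AES step is outside this sketch.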
1.4 Using the Library MLA - Crypto Library Help Abstraction Model
