Comments on XTS-AES
نویسندگان
چکیده
This is a comment in response to the request for comment on XTS-AES, as specified in IEEE Std. 1619-2007 [7]. Overall, we believe that the XTS AES algorithm, closely based on Rogaway’s XEX mode [5] plus ciphertext stealing, is a good choice for the purpose of block-oriented data storage encryption, and the use of an algorithm of this type is well supported by research publications. We have two main criticisms of the publication. First, while XEX uses one key, the proposed XTS algorithm uses two keys; Key1 is used to encipher the whitened plaintext, while Key2 is used to compute the preand post-whitening values. We feel that only one key should be used, to serve both purposes. Second, the draft incompletely analyzes the security of XTS-AES; it needs correction and expansion in a couple of areas.
منابع مشابه
The Masked Code Book (MCB)
In this paper, we present a new narrow block mode of operation, the Masked Code Book (MCB), that can be efficiently deployed in disk encryption applications. MCB is characterized by its high-speed in comparison to current state of the art narrow block modes of operation. It is about 25% faster than XTS (when AES is the underlying cipher). Furthermore, MCB does not face the limitations of XTS.
متن کاملHigh Performance Storage Encryption on Intel(R) Architecture Processors White Paper
There is a critical need for securing data-at-rest in enterprise storage devices at very high data rates. The IEEE has drafted the P1619 standard to support encryption of data-at-rest for block-based devices. This paper describes the performance characteristics of an optimized implementation of storage encryption, benefiting from the AES-NI set of instructions on Intel ® processors based on the...
متن کاملTable of Contents Introduction.............................................................................................................................................................2 � The XTS algorithm itself........................................
Introduction.............................................................................................................................................................2 � The XTS algorithm itself.........................................................................................................................................2 � Comments From Moses Liskov and Kazuhiko Minematsu.............
متن کاملDesign of an Encryption-Decryption Module Oriented for Internet Information Security SOC Design
In order to protect the security of network data, a high speed chip module for encrypting and decrypting of network data packet is designed. The chip module is oriented for internet information security SOC (System on Chip) design. During the design process, AES (Advanced Encryption Standard) and 3DES (Data Encryption Standard) encryption algorithm are adopted to protect the security of network...
متن کاملA Strategy for Analyzing Public Comments and Preparing the Round 2 Status Report
Introduction This report was developed for the National Institute of Standards and Technology (NIST) as the first deliverable under Purchase Order 43SBNB067018. It is intended to suggest one or more strategies that the Computer Security Division at NIST can use to 1) systematically organize and analyze public comments on the AES finalists and the AES process, and 2) prepare a Round 2 status rep...
متن کامل