2017-09-08 10:48:06

by Harsh Jain

Subject: Updated IV for XTS

Hi,

XTS template does not seems updating the IV after request completion. Same output if we run belwo command in loop

[root@heptagon test]# ./kcapi -x 1 -d 4 -s  -e -c "xts(aes)" -i 7fbc02ebf5b93322329df9bfccb635af -k 8d7dd9b0170ce0b5f2f8e1aa768e01e91da8bfc67fd486d081b28254c99eb423 -p `perl -e 'print "e" x  32'`
4ea328cd5b10d0cb3bbc7ab92d54072d
4ea328cd5b10d0cb3bbc7ab92d54072d
4ea328cd5b10d0cb3bbc7ab92d54072d
4ea328cd5b10d0cb3bbc7ab92d54072d

Is IV update not required for XTS as we did for cbc,ctr mode.

Regards
Harsh Jain

2017-09-08 11:02:58

by Stephan Müller

Subject: Re: Updated IV for XTS

Am Freitag, 8. September 2017, 12:47:54 CEST schrieb Harsh Jain:

Hi Harsh,

> Hi,
>
> XTS template does not seems updating the IV after request completion. Same
> output if we run belwo command in loop
>
> [root@heptagon test]# ./kcapi -x 1 -d 4 -s -e -c "xts(aes)" -i
> 7fbc02ebf5b93322329df9bfccb635af -k
> 8d7dd9b0170ce0b5f2f8e1aa768e01e91da8bfc67fd486d081b28254c99eb423 -p `perl
> -e 'print "e" x 32'` 4ea328cd5b10d0cb3bbc7ab92d54072d
> 4ea328cd5b10d0cb3bbc7ab92d54072d
> 4ea328cd5b10d0cb3bbc7ab92d54072d
> 4ea328cd5b10d0cb3bbc7ab92d54072d
>
> Is IV update not required for XTS as we did for cbc,ctr mode.
>
> Regards
> Harsh Jain

Hm, are you sure you sent the right command?

../bin/kcapi -x 1 -d 4 -s -e -c "xts(aes)" -i
7fbc02ebf5b93322329df9bfccb635af -k
8d7dd9b0170ce0b5f2f8e1aa768e01e91da8bfc67fd486d081b28254c99eb423 -p `perl -e
'print "e" x 32'`
4ea328cd5b10d0cb3bbc7ab92d54072d
24c7c1967a3768a17ff0afe976381a79
5b23fff5d3a5c75090229e5b9ad807e7
ffc8927be32448f2ba67bbe6e0087805

vs

../bin/kcapi -x 1 -d 4 -e -c "xts(aes)" -i 7fbc02ebf5b93322329df9bfccb635af -k
8d7dd9b0170ce0b5f2f8e1aa768e01e91da8bfc67fd486d081b28254c99eb423 -p `perl -e
'print "e" x 32'`
4ea328cd5b10d0cb3bbc7ab92d54072d
4ea328cd5b10d0cb3bbc7ab92d54072d
4ea328cd5b10d0cb3bbc7ab92d54072d
4ea328cd5b10d0cb3bbc7ab92d54072d


The key difference is the -s -- the stream mode.

Note that only the stream mode API of libkcapi "keeps the cipher handle open"
(i.e. and thus the state).

The "one-shot" API does one complete cipher operation and kills the state.

See http://www.chronox.de/libkcapi/html/Usage.html#idm140613614152864 for
details.

Ciao
Stephan