Guidelines for cryptographic authentication ready for review

A revised draft of guidelines for a cryptographic authentication scheme has been released for public comment by the National Institute of Standards and Technology.

Special Publication 800-38D, Recommendation for Block Cipher Modes of Operation, specifies a mode of operation for the Advanced Encryption Standard algorithm that can be used to check protected data for both accidental and intentional modification.

The scheme is called the Galois/Counter Mode, which combines a variation of the Counter Mode for encryption with an authentication mechanism, based on a universal hash function that uses a binary finite, or Galois, field. GCM is constructed from an approved symmetric key block cipher with a block size of 128 bits; in other words, AES. The publication is the fourth in a series of recommendations for modes of operation of AES.

GCM provides stronger authentication than non-cryptographic checksums or error detecting codes, but its security depends upon the uniqueness of initialization strings used in the process. 'Therefore, this mode of operation should not be deployed unless compliance with this uniqueness requirement is ensured,' NIST warns.

Comments on the proposed recommendations should be e-mailed to EncryptionModes@nist.gov by July 30.

About the Author

William Jackson is a Maryland-based freelance writer.

inside gcn

  • federal blockchain

    How blockchain can transform the public sector

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above

More from 1105 Public Sector Media Group