Guidelines for cryptographic authentication ready for review

A revised draft of guidelines for a cryptographic authentication scheme has been released for public comment by the National Institute of Standards and Technology.

Special Publication 800-38D, Recommendation for Block Cipher Modes of Operation, specifies a mode of operation for the Advanced Encryption Standard algorithm that can be used to check protected data for both accidental and intentional modification.

The scheme is called the Galois/Counter Mode, which combines a variation of the Counter Mode for encryption with an authentication mechanism, based on a universal hash function that uses a binary finite, or Galois, field. GCM is constructed from an approved symmetric key block cipher with a block size of 128 bits; in other words, AES. The publication is the fourth in a series of recommendations for modes of operation of AES.

GCM provides stronger authentication than non-cryptographic checksums or error detecting codes, but its security depends upon the uniqueness of initialization strings used in the process. 'Therefore, this mode of operation should not be deployed unless compliance with this uniqueness requirement is ensured,' NIST warns.

Comments on the proposed recommendations should be e-mailed to [email protected] by July 30.

About the Author

William Jackson is a Maryland-based freelance writer.


  • business meeting (Monkey Business Images/

    Civic tech volunteers help states with legacy systems

    As COVID-19 exposed vulnerabilities in state and local government IT systems, the newly formed U.S. Digital Response stepped in to help. Its successes offer insight into existing barriers and the future of the civic tech movement.

  • data analytics (

    More visible data helps drive DOD decision-making

    CDOs in the Defense Department are opening up their data to take advantage of artificial intelligence and machine learning tools that help surface insights and improve decision-making.

Stay Connected