Guidelines for cryptographic authentication ready for review

A revised draft of guidelines for a cryptographic authentication scheme has been released for public comment by the National Institute of Standards and Technology.

Special Publication 800-38D, Recommendation for Block Cipher Modes of Operation, specifies a mode of operation for the Advanced Encryption Standard algorithm that can be used to check protected data for both accidental and intentional modification.

The scheme is called the Galois/Counter Mode, which combines a variation of the Counter Mode for encryption with an authentication mechanism, based on a universal hash function that uses a binary finite, or Galois, field. GCM is constructed from an approved symmetric key block cipher with a block size of 128 bits; in other words, AES. The publication is the fourth in a series of recommendations for modes of operation of AES.

GCM provides stronger authentication than non-cryptographic checksums or error detecting codes, but its security depends upon the uniqueness of initialization strings used in the process. 'Therefore, this mode of operation should not be deployed unless compliance with this uniqueness requirement is ensured,' NIST warns.

Comments on the proposed recommendations should be e-mailed to [email protected] by July 30.

About the Author

William Jackson is a Maryland-based freelance writer.


  • Russia prying into state, local networks

    A Russian state-sponsored advanced persistent threat actor targeting state, local, territorial and tribal government networks exfiltrated data from at least two victims.

  • Marines on patrol (US Marines)

    Using AVs to tell friend from foe

    The Defense Advanced Research Projects Agency is looking for ways autonomous vehicles can make it easier for commanders to detect and track threats among civilians in complex urban environments without escalating tensions.

Stay Connected