IEEE 1619.1 2008

$58.50

IEEE Standard for Authenticated Encryption with Length Expansion for Storage Devices

Published By	Publication Date	Number of Pages
IEEE	2008	57

Guaranteed Safe Checkout

Category: IEEE

If you have any questions, feel free to reach out to our online customer service team by clicking on the bottom right corner. We’re here to assist you 24/7.
Email:[email protected]

Description

New IEEE Standard – Active. This standard specifies cryptographic and data authentication procedures for storage devices that support length-expansion, such as tape drives. Such procedures include the following cryptographic modes of operation for the AES block cipher: CCM, GCM, CBC-HMAC, and XTS-HMAC.

PDF Catalog

PDF Pages	PDF Title
1	IEEE Standard for Authenticated Encryption with Length Expansion for Storage Devices
3	IEEE Std 1619.1-2007
6	Introduction Notice to users Laws and regulations Copyrights Updating of IEEE documents
7	Errata Interpretations Patents Participants
10	CONTENTS
13	Important notice 1. Overview 1.1 Scope 1.2 Purpose 1.3 Description of clauses and annexes
14	2. Normative references 3. Keywords, definitions, acronyms, and abbreviations 3.1 Keywords
15	3.2 Definitions
18	3.3 Acronyms and abbreviations 3.4 Mathematical conventions 4. General concepts 4.1 Introduction
20	4.2 Components 4.2.1 Controller
21	4.2.2 Host 4.2.3 Key manager 4.2.4 Cryptographic unit
22	4.2.5 Storage medium 4.3 Plaintext record formatter 4.4 Plaintext record de-formatter
23	4.5 Encryption routine 4.5.1 Overview 4.5.2 Inputs 4.5.3 Outputs 4.6 Decryption routine 4.6.1 Overview
24	4.6.2 Decryption inputs 4.6.3 Ordering verification
25	4.6.4 Verification-only mode 4.7 Cryptographic parameters 5. Cryptographic modes 5.1 Overview
26	5.2 Counter with cipher block chaining-message authentication code (CCM)
27	5.3 Galois/Counter Mode (GCM) 5.4 Cipher block chaining with keyed-hash message authentication code (CBC-HMAC)
29	5.5 Xor-encrypt-xor with tweakable block-cipher with keyed-hash message authentication code (XTS-HMAC)
31	6. Cryptographic key management and initialization vector requirements 6.1 Random bit generator
32	6.2 Cryptographic key entry and export 6.3 Handling the cipher key 6.4 Cryptographic key wrapping on the storage medium
33	6.5 Initialization vector (IV) requirements 6.5.1 Overview 6.5.2 Using random IVs 6.5.3 Encryption sessions
34	6.6 Creating unique IVs within a self-contained group
36	Annex A (informative)Bibliography
38	Annex B (informative)Security concerns B.1 Threat model B.2 Maintaining cryptographic key security
39	B.3 Replay attacks B.4 Passing plaintext to the host before checking the MAC
40	B.5 Checking for integrity of a cryptographic key B.6 Avoiding collisions of initialization vectors B.7 Examples of IV collision avoidance strategies B.7.1 Example 1: Using random IVs
41	B.7.2 Example 2: Incrementing a random IV
42	B.7.3 Example 3: Randomizing only the key B.8 How many records to encrypt with one key?
44	Annex C (informative)Documentation summary
45	Annex D (informative)Test vectors D.1 General
46	D.2 CCM-128-AES-256 test vectors D.2.1 CCM-128-AES-256 test vector 1 D.2.2 CCM-128-AES-256 test vector 2 D.2.3 CCM-128-AES-256 test vector 3 D.2.4 CCM-128-AES-256 test vector 4 D.2.5 CCM-128-AES-256 test vector 5 D.2.6 CCM-128-AES-256 test vector 6
47	D.2.7 CCM-128-AES-256 test vector 7 D.2.8 CCM-128-AES-256 test vector 8 D.2.9 CCM-128-AES-256 test vector 9 D.3 GCM-128-AES-256 test vectors D.3.1 GCM-128-AES-256 test vector 1
48	D.3.2 GCM-128-AES-256 test vector 2 D.3.3 GCM-128-AES-256 test vector 3 D.3.4 GCM-128-AES-256 test vector 4 D.3.5 GCM-128-AES-256 test vector 5 D.3.6 GCM-128-AES-256 test vector 6
49	D.3.7 GCM-128-AES-256 test vector 7 D.3.8 GCM-128-AES-256 test vector 8 D.3.9 GCM-128-AES-256 test vector 9 D.3.10 GCM-128-AES-256 test vector 10 D.3.11 GCM-128-AES-256 test vector 11
50	D.3.12 GCM-128-AES-256 test vector 12 D.4 CBC-AES-256-HMAC-SHA test vectors (including HMAC-SHA-1, HMAC-SHA-256, and HMAC-SHA-512) D.4.1 CBC-AES-256-HMAC-SHA test vector 1 D.4.2 CBC-AES-256-HMAC-SHA test vector 2 D.4.3 CBC-AES-256-HMAC-SHA test vector 3
51	D.4.4 CBC-AES-256-HMAC-SHA test vector 4 D.4.5 CBC-AES-256-HMAC-SHA test vector 5 D.4.6 CBC-AES-256-HMAC-SHA test vector 6
52	D.4.7 CBC-AES-256-HMAC-SHA test vector 7 D.4.8 CBC-AES-256-HMAC-SHA test vector 8
53	D.4.9 CBC-AES-256-HMAC-SHA test vector 9 D.5 XTS-AES-256-HMAC-SHA-512 test vectors D.5.1 XTS-AES-256-HMAC-SHA-512 test vector 1
54	D.5.2 XTS-AES-256-HMAC-SHA-512 test vector 2
55	D.5.3 XTS-AES-256-HMAC-SHA-512 test vector 3 D.5.4 XTS-AES-256-HMAC-SHA-512 test vector 4
56	D.5.5 XTS-AES-256-HMAC-SHA-512 test vector 5