LTC AES-256 CBC across multiple blocks

922 Views
mjbcswitzerland
Specialist V

Hi All

I can do AES-256 encryption and decryption with mmCAU, mbedTLS, OpenSSL and WolfSSL but am having problems with decryption with LTC.

My test consists of receiving a stream of encrypted data (AES-256 key known and also the IV initial state known and synchronised). The decryption takes place in 1k blocks.

1. The first test showed that the first 1k block was correctly decrypted but subsequent ones were not.

2. I then investigated and tested different methods of setting the decrypt key, which led me to identify a strange behavior as reported here: https://community.nxp.com/thread/488540 

3. Related to the way that the decrypt key is set I found that if I set the key differently (so that the error interrupt doesn't get set - see other post) the first 1k block decryption fails BUT the second block decryption is then successful. Subsequent blocks again fail.

4. In both cases I watch the IV register values before and after decrypting the first block and they are the same in each case and match the values that mmCAU or SW implementations have.

Can anyone explain how the way that the decrypt key is set can have such an effect on decryption operation?
What is causing the subsequent block decryption to fail when IV values look to be correct?
Any tricks to get it working over multiple blocks in a stream?

Regards

Mark

0 Kudos
1 Solution
786 Views
mjbcswitzerland
Specialist V

Hi Al

I managed to solve it but the KDS examples don't (or can't) do it - they only do single block decrypts.

The trick is to not reset the keys/IV after a block decrypt (which the examples always do) and use the mode register's AES decrypt key bit (DK) on subsequent blocks, since the first block decrypt automatically converts the loaded encrypt key to a decrypt key, and if the DK bit is left cleared for subsequent blocks it does it again, which corrupts it.

It is explained in the user's manual but takes a bit of time before it becomes clear and finally makes any sense:

pastedImage_1.png

Regards

Mark

0 Kudos
2 Replies
786 Views
jingpan
NXP TechSupport

Hi,

Yes, CBC works in chaining mode. The current block's ciphertext is the next block's IV. So you can't reset the block during stream encrypt or decrypt.

Regards,

Jing 

0 Kudos
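An added example, not part of the original posts and not NXP or KDS code: a host-side reference in Go that uses the standard library's AES-256-CBC (no LTC access) to decrypt a stream in 1 KiB chunks, once with the chaining value carried across chunks and once with the initial IV reloaded for every chunk. The key, IV and plaintext are constructed test values, and `Sample`, `DecryptChunked` and `WrongBytes` are names chosen for this example.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"fmt"
)

const Chunk = 1024 // the stream is decrypted in 1 KiB pieces, as in the thread

// Sample returns constructed test data (not from the thread).
func Sample() (blk cipher.Block, iv, pt, ct []byte) {
	blk, _ = aes.NewCipher(bytes.Repeat([]byte{0x42}, 32)) // 32-byte key: cannot fail
	iv = bytes.Repeat([]byte{0x24}, aes.BlockSize)
	pt = bytes.Repeat([]byte("constructed data"), 4*Chunk/aes.BlockSize)
	ct = make([]byte, len(pt))
	cipher.NewCBCEncrypter(blk, iv).CryptBlocks(ct, pt)
	return
}

// DecryptChunked decrypts ct (a multiple of Chunk long) one chunk at a time.
// carry=true starts each chunk from the previous chunk's last ciphertext block;
// carry=false reloads the initial IV for every chunk.
func DecryptChunked(blk cipher.Block, iv, ct []byte, carry bool) []byte {
	out := make([]byte, len(ct))
	for off := 0; off+Chunk <= len(ct); off += Chunk {
		cur := iv
		if carry && off > 0 {
			cur = ct[off-aes.BlockSize : off]
		}
		cipher.NewCBCDecrypter(blk, cur).CryptBlocks(out[off:off+Chunk], ct[off:off+Chunk])
	}
	return out
}

// WrongBytes counts, per chunk, the plaintext bytes that differ from want.
func WrongBytes(got, want []byte) []int {
	n := make([]int, len(want)/Chunk)
	for i := range want {
		if got[i] != want[i] {
			n[i/Chunk]++
		}
	}
	return n
}

func main() {
	blk, iv, pt, ct := Sample()
	fmt.Println(WrongBytes(DecryptChunked(blk, iv, ct, true), pt), WrongBytes(DecryptChunked(blk, iv, ct, false), pt))
}
```

With the IV reset, only the first 16-byte block of each later chunk comes out wrong; a chunk that is wrong throughout points at the key rather than the IV.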