LTC AES-256 CBC across multiple blocks

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

LTC AES-256 CBC across multiple blocks

Jump to solution
887 Views
mjbcswitzerland
Specialist V

Hi All

I can do AES-256 encryption and decryption with mmCAU, mbedTLS, OpenSSL and WolfSSL but am having problems with decryption with LTC.

My test consists of receiving a stream of encrypted data (AES-256 key known and also the IV initial state known and synchronised). The decryption takes place in 1k blocks.

1. The first test showed that the first 1k block was correctly decrypted but subsequent ones were not.

2. I then investigated and tested different methods of setting the decrypt key, which led me to identify a strange behavior as reported here: https://community.nxp.com/thread/488540 

3. Related to the way that the decrypt key is set I found that if I set the key differently (so that the error interrupt doesn't get set - see other post) the first 1k block decryption fails BUT the second block decryption is then successful. Subsequent blocks again fail.

4. In both cases I watch the IV register values before and after decrypting the first block and they are the same in each case and match the values that mmCAU or SW implementations have.

Can anyone explain how the way that the decrypt key is set can have such an effect on decryption operation?
What is causing the subsequent block decryption to fail when IV values look to be correct?
Any tricks to get it working over multiple blocks in a stream?

Regards

Mark

Labels (1)
Tags (3)
0 Kudos
1 Solution
751 Views
mjbcswitzerland
Specialist V

Hi Al

I managed to solve it but the KDS examples don't (or can't) do it - they only do single block decrypts.

The trick is to not reset the keys/IV after a block decrypt (which the examples always do) and use the mode register's AES decrypt key bit (DK) on subsequent blocks since the first block decrypt automatically convert the loaded encrypt key to a decrypt key and if the DK bit is left cleared for subsequent blocks it does it again, which corrupts it.

It is explained in the user's manual but takes a bit of time before it becomes clear and finally making any sense:

pastedImage_1.png

Regards

Mark

View solution in original post

0 Kudos
2 Replies
751 Views
jingpan
NXP TechSupport
NXP TechSupport

Hi,

Yes, CBC work in chaining mode. Current block's ciphertext is next block's IV. So you can't reset the block during stream encrypt or decrypt.

Regards,

Jing 

0 Kudos
752 Views
mjbcswitzerland
Specialist V

Hi Al

I managed to solve it but the KDS examples don't (or can't) do it - they only do single block decrypts.

The trick is to not reset the keys/IV after a block decrypt (which the examples always do) and use the mode register's AES decrypt key bit (DK) on subsequent blocks since the first block decrypt automatically convert the loaded encrypt key to a decrypt key and if the DK bit is left cleared for subsequent blocks it does it again, which corrupts it.

It is explained in the user's manual but takes a bit of time before it becomes clear and finally making any sense:

pastedImage_1.png

Regards

Mark

0 Kudos