AnsweredAssumed Answered

C29x AES-XTS 128-bit Sector Index support

Question asked by kevinwhitfield on Nov 1, 2018

Per the C29x Crypto Coprocessor Family Reference Manual, The C29x AES-XTS mode of operation maintains the "Sector Index" in word 4 of the Context register.  This suggests that Sector Index values are limited to 64-bits in length.

 

 

However, there are AES XTS vector sets from NIST (ref https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/aes/XTSTestVectors.zip) which contain multiple tests using 128-bit "i" values.  For instance, from the "XTSTestVectors/format tweak value input - 128 hex str/XTSGenAES128.rsp" test vector set (attached):

 

 

Key = a1b90cba3f06ac353b2c343876081762090923026e91771815f29dab01932f2f
i = 4faef7117cda59c66e4b92013e768ad5
PT = ebabce95b14d3c8d6fb350390790311c
CT = 778ae8b43cb98d5a825081d5be471c63

 

 

My testing of this vector with the C29x computes a cipher text of 5f2d2d58bc0004a030b0b4ce9a42ea66, rather than the one specified in the test case.  Indeed, this is the value computed with an "i" value of 4faef7117cda59c60000000000000000, demonstrating that only the first 64-bits of Sector Index value are significant.

 

 

I'd appreciate any tips, references, or other guidance as to how one might support 128-bit Sector Index test cases such as the one above.

 

 

Thanks!

 

Kevin W

Attachments

Outcomes