Hello:
I am a novice in cryptography, I encounter a problem understanding GCM
test vector posted on Crypto++ GCM example (AEAD) (http://
www.cryptopp.com/wiki/GCM_Mode) , can anyone help me?
Thanks a lot.
Here's my problem
in test vector 2:
Key: 0000000000000000000000000000000000000000000000000000000000000000
IV: 000000000000000000000000
AAD: 00000000000000000000000000000000
TAG: 2d45552d8575922b3ca3cc538442fa26
I followed the SP-800 algorithm but always got different TAG. Can
every help me finding the problem?
My steps:
let H = CIPH(0^128) =
AES(00000000000000000000000000000000) =
dc95c078a2408989ad48a21492842087
J(0) = IV||0^31||1 = 00000000000000000000000000000001
GHASH input: AAD || C || [lenA]_64 || [lenC]_64
X(1)=00000000000000000000000000000000,
X(2)=00000000000000800000000000000000
Y[0] = 00000000000000000000000000000000
Y[1] = (00000000000000000000000000000000 XOR
00000000000000000000000000000000) * H
= 00000000000000000000000000000000
Y[2] = (00000000000000000000000000000000 XOR
00000000000000800000000000000000) * H
= 00000000000000800000000000000000 *
dc95c078a2408989ad48a21492842087
= A4510A49421075AE84BE9D27C3BC3522
end of GHASH: S=A4510A49421075AE84BE9D27C3BC3522
GCTR(S)
CB[1] = 00000000000000000000000000000001
AES( CB[1] ) = 530f8afbc74536b9a963b4f1c4cb738b
y[1] = x[1] XOR 530f8afbc74536b9a963b4f1c4cb738b
= A4510A49421075AE84BE9D27C3BC3522 XOR
530f8afbc74536b9a963b4f1c4cb738b
= B5586C045EC9AFE46ED55196EE332A73
end of GCTR: TAG = B5586C045EC9AFE46ED55196EE332A73
But the TAG is: 2d45552d8575922b3ca3cc538442fa26
-----------------------------------------------------------------------------------------
I have checked for many times, but still can't find the bug.
Did I misunderstand something or some mistake in my calculation?
Please help
Thanks a lot
--
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
