On Thursday, May 20, 2021 at 12:38:14 AM UTC-4 Jeffrey Walton wrote:
> On Wednesday, May 19, 2021 at 11:53:54 PM UTC-4 yu...@nvidia.com wrote: > >> I intend to use Crypto++ XTS-AES for encrypting data. I tested XTS-AES >> with the following NIST vector and got an unexpected >> CT= 54a8629d76db46d0c516fca52c9c903baa3a635ddd56f09760f63252c8b46140 . >> >> I call the following function: >> XTS_Mode< AES >::Encryption e; >> e.SetKeyWithIV(in_key, KeySize, in_iv, IVSize); >> StringSource(in_plain_txt,svSize(plain_txt, 1),true, >> new StreamTransformationFilter(e, >> new StringSink(cipher), >> StreamTransformationFilter::NO_PADDING >> ) // StreamTransformationFilter >> ); // StringSource >> >> My questions: >> >> - Does Crypto++ XTS-AES not support non-byte aligned data >> encryption and decryption >> >> > XTS mode should support non-aligned data. For SSE, it uses _mm_loadu_si128 > and _mm_storeu_si128, which are unaligned loads and stores. The class > also uses 'GetWord<word64>(false, LITTLE_ENDIAN_ORDER, ...)' and > 'PutWord<word64>(false, LITTLE_ENDIAN_ORDER, ...)'. The 'false' says the > data is not aligned, so a memcpy is used. Also see > https://github.com/weidai11/cryptopp/blob/master/xts.cpp. > > We've seen some trouble with bad code generation when two pointers happen > to be the same in strcipher.cpp. But I don't believe XTS uses it. Also see > https://github.com/weidai11/cryptopp/issues/1010. > Something else that might be a factor... The head notes in xts.h (https://github.com/weidai11/cryptopp/blob/master/xts.h) says: /// \details XTS mode is a wide block mode defined by IEEE P1619-2008. NIST /// SP-800-38E approves the mode for storage devices citing IEEE 1619-2007. /// IEEE 1619-2007 provides both a reference implementation and test vectors. /// The IEEE reference implementation fails to arrive at the expected result /// for some test vectors. That's a bad sign :( I keep the programs that are used to generate test vectors so we can always establish provenance if needed. The program is located in one of my testing GitHubs. For XTS, it is located at https://github.com/noloader/cryptopp-test. The test vectors we use are located at https://github.com/weidai11/cryptopp/blob/master/TestVectors/xts.txt. Looking through the test vector, it looks like we use both the XTS test vectors, the XTS reference implementation and Botan. Botan is Jack Lloyd's Botan (https://github.com/randombit/botan), and we use to to add additional test vectors when we feel there are gaps. Jeff -- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to cryptopp-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/cryptopp-users/22c62ccc-dc12-4ffb-93fd-a96b14003c17n%40googlegroups.com.