If you encrypt the 32KB block with multiple calls to EVP_CipherUpdate (for 
example 4KB at a time), you'll see this effect. Each call to EVP_CipherUpdate 
restarts the tweak. I posted a question as to whether that's a bug or a feature a 
few weeks ago but didn't get any conclusive responses. AES XTS is the only mode 
with this issue. Other modes preserve the chaining across calls to 
EVP_CipherUpdate.

Greg Bryant
Technical Leader
Cisco Systems

-----Original Message-----
From: [email protected] [mailto:[email protected]] On 
Behalf Of Erik Forsberg
Sent: Monday, May 13, 2013 12:14 PM
To: [email protected]
Subject: RE: [openssl.org #3045] bug report: AES XTS fails for data unit size > 
4KB 

Hmm, using the EVP API, I don't seem to have any such limitation, I use 32 KB as 
my AES XTS block size. Seems to work, however, hasn't interoperated with any 
other implementation though.

>-- Original Message --
>Subject: [openssl.org #3045] bug report: AES XTS fails for data unit size > 4KB
>From: "Deepti Veeramachaneni via RT" <[email protected]>
>Cc: [email protected]
>Date: Mon, 13 May 2013 14:10:39 +0200
>Reply-To: [email protected]
>
>
>Hi,
>
>Issue: 
>AES XTS command is not working properly for data unit size > 4KB. 
>AES XTS is considering 4K as data unit boundary. 
>The spec (NIST 1619-2007) does not put 4K restriction on data unit size.
>
>The number of 128-bit blocks should not exceed 2^20(Section 5.1 of 
>NIST-1619-2007-Submission.pdf)
>
>
>Code which I guess is causing the issue: 
>I feel the below macros are putting restriction on data unit size: 
>1. #define ENC_BLOCK_SIZE (1024*4)
>The file openssl/crypto/evp/bio_enc.c
>2. #define BSIZE (8*1024)
>The file openssl/apps/enc.c
>
>Observations: 
>The output for first 4K data is same as output for second 4K data(If 
>same input is given for both blocks).
>The second block of data is taken as fresh block(Initial T is taken 
>again for second 4K) which is not expected.
>
>
>Command used: 
>openssl enc -aes-128-xts -e -p -nosalt -K 
>c284680e8a12ecf93175de34b8c8b6289cdfb789e4292c1ed3a5fdf0c22aeec0
>-iv faa3dedcc551205c498c525591a1fc06 -in input_openssl.txt -out 
>output_openssl_derived.txt
>
>
>(openssl is the bin installed for the snapshot mentioned above)
>
>Version : openssl-1.0.1e
>snapshot used : openssl-SNAP-20130513.tar.gz
>Platform : Linux
>
>Attachments: 
>1. Input and Output files for the above command (input_openssl.txt, 
>output_openssl_derived.txt)
>
>2. Expected output file (output_openssl_expected.txt)
>3. testlog file generated from " make report " command
>
>
>Could you please check the issue and help us confirm/resolve it. 
>
>
>Thanks and Regards,
>Deepti V
>
>Attachment: input_openssl.txt
>
>
>Attachment: output_openssl_derived.txt
>
>
>Attachment: output_openssl_expected.txt
>
>
>Attachment: testlog
>


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]
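
The effect discussed in this thread, as an added example that is not part of the original messages or of OpenSSL's code: a model of the XTS tweak sequence that compares one data unit encrypted in a single call with the same data fed in 4KB calls that each restart the tweak. The function names and sample values are assumptions, keyed BLAKE2b stands in for AES (encrypt direction only), and ciphertext stealing is omitted.

```python
import hashlib

BLOCK = 16  # XTS works on 128-bit blocks

def prf(key, block):
    # Stand-in for the AES block encryption (assumption, not real AES):
    # keyed BLAKE2b truncated to 128 bits. Enough to show tweak handling.
    return hashlib.blake2b(block, key=key, digest_size=BLOCK).digest()

def mul_alpha(t):
    # Multiply the tweak by alpha in GF(2^128), little-endian as in IEEE 1619.
    n = int.from_bytes(t, "little") << 1
    if n >> 128:
        n = (n & ((1 << 128) - 1)) ^ 0x87
    return n.to_bytes(BLOCK, "little")

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def xts_encrypt_unit(k1, k2, iv, data):
    # One data unit: T starts at E_k2(iv) and advances by alpha per block.
    assert len(data) % BLOCK == 0  # whole blocks only in this sketch
    t = prf(k2, iv)
    out = bytearray()
    for i in range(0, len(data), BLOCK):
        out += xor(prf(k1, xor(data[i:i + BLOCK], t)), t)
        t = mul_alpha(t)
    return bytes(out)

def chunked_update(k1, k2, iv, data, chunk):
    # Models the behaviour reported in the thread: every update call
    # begins again from the initial tweak instead of continuing it.
    return b"".join(xts_encrypt_unit(k1, k2, iv, data[i:i + chunk])
                    for i in range(0, len(data), chunk))

def repeated_chunks(ct, chunk):
    # Symptom check: count ciphertext chunks that duplicate another chunk.
    chunks = [ct[i:i + chunk] for i in range(0, len(ct), chunk)]
    return len(chunks) - len(set(chunks))

# Constructed sample values (not taken from the bug report).
K1, K2, IV = bytes(range(16)), bytes(range(16, 32)), bytes(16)
DATA = bytes(range(256)) * 16 * 8  # 32KB made of eight identical 4KB chunks
ONE_SHOT = xts_encrypt_unit(K1, K2, IV, DATA)
CHUNKED = chunked_update(K1, K2, IV, DATA, 4096)

if __name__ == "__main__":
    print("repeats, single call:", repeated_chunks(ONE_SHOT, 4096))
    print("repeats, 4KB calls:  ", repeated_chunks(CHUNKED, 4096))
```

Only the first 4KB agrees between the two outputs, which is why a 32KB data unit has to reach the cipher in one call to match another implementation.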