Stephen, Does it mean we can't use AES without IV ?
As per XTS support in Openssl, i find the following function but don't see any implementation for the same AES_xts_encrypt(). I found the below link form which what i understand is new file called e_aes_xts.c should be present... am i missing something? lpermalink.gmane.org/gmane.comp.encryption.openssl.devel/18755 On Thu, Mar 29, 2012 at 4:07 PM, Dr. Stephen Henson <st...@openssl.org>wrote: > On Thu, Mar 29, 2012, Prashanth kumar N wrote: > > > Thanks Marek. I will try the attached code in the attached files. > > In many of the examples i have come across, i see IV is always being. Is > it > > not possible to use this API by setting IV to NULL? (As i understand for > > CBC IV is a must) . In AES_Encrypt(), we don't use IV. Does this mean > this > > does stream ciphering (byte by byte)? > > > > The IV should be random and must be set to the same value on encrypt and > decrypt. The information isn't security sensitive and can be sent in plain > text. > > If you use AES_encrypt you're effectively using ECB mode. > > > Does any one know if Openssl supports AES-XTS? Reason is we are exploring > > to see if we can employ this. > > When i Googled, i did see some change request log which said AES-XTS has > > been added to Openssl in v1.1.0 which i am not able to find for > download... > > Any idea on this? > > > > XTS mode is very new and only supported in OpenSSL 1.0.1 and later. You use > EVP_CIPHER functions EVP_aes_128_xts() and EVP_aes_256_xts(). > > Note that the key length is double that for nomal AES. You can get the key > length of any cipher (provided you use EVP) using EVP_CIPHER_key_length(). > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org >
