On Fri, Aug 20, 2010 at 20:58 +0200, Mike Belopuhov wrote:
> - requires input data to be continuous, i.e.:
> given block C of 16 bytes which is a concatenation of blocks
> A an B (C = A || B): GMAC(C) =/= GMAC(B, GMAC(A, Z)), where
> GMAC(X, Y) denotes GMAC application to the block X and initial
> (or state) block Y.
I hope this will clarify the text above:
- requires input date to be split into blocks of 16 bytes with
the last block padded with zeros, otherwise it yeilds erroneous
value, i.e.:
given block C of 16 bytes that is a concatenation of chunks
A and B (C = A || B), then GMAC(C, Z) =/= GMAC(B, GMAC(A, Z)),
where GMAC(X, Y) denotes GMAC application to the chunk X and
state block Y, Z denotes initial zero block.
