Lines Matching defs:Mode

180 mode routines for every single cipher.  That means every time you add or remove a cipher from the library
183 the key setup, ECB decrypt and encrypt and test vector routines. After that all five chaining mode routines
393 for a chaining mode or public key packet it is assumed that regardless of the actual size of \textit{unsigned char} only the
403 LibTomCrypt provides several block ciphers with an ECB block mode interface. It is important to first note that you
404 should never use the ECB modes directly to encrypt data. Instead you should use the ECB functions to make a chaining mode,
432 To encrypt or decrypt a block in ECB mode there are these two functions per cipher:
496 An example snippet that encodes a block with Blowfish in ECB mode.
620 \hline 3DES (EDE mode) & des3\_desc & 8 & 21 & 16 \\
770 \subsubsection{ECB Mode}
771 \index{ECB mode}
772 ECB or Electronic Codebook Mode is the simplest method to use. It is given as:
776 This mode is very weak since it allows people to swap blocks and perform replay attacks if the same key is used more
779 \subsubsection{CBC Mode}
780 \index{CBC mode}
781 CBC or Cipher Block Chaining mode is a simple mode designed to prevent trivial forms of replay and swap attacks on ciphers.
788 \subsubsection{CTR Mode}
789 \index{CTR mode}
790 CTR or Counter Mode is a mode which only uses the encryption function of the cipher. Given an initial vector which is
791 treated as a large binary counter the CTR mode is given as:
797 encrypted under the same key replay and swap attacks are infeasible. CTR mode may look simple but it is as secure
800 \subsubsection{CFB Mode}
801 \index{CFB mode}
802 CFB or Ciphertext Feedback Mode is a mode akin to CBC. It is given as:
807 Note that in this library the output feedback width is equal to the size of the block cipher. That is this mode is used
809 blocks without a delay. When this mode is first set up it will initially encrypt the initial vector as required.
811 \subsubsection{OFB Mode}
812 \index{OFB mode}
813 OFB or Output Feedback Mode is a mode akin to CBC as well. It is given as:
818 Like the CFB mode the output width in OFB mode is the same as the width of the block cipher. OFB mode will also
821 \subsection{Choice of Mode}
822 My personal preference is for the CTR mode since it has several key benefits:
839 Ciphertext stealing is a method of dealing with messages in CBC mode which are not a multiple of the block length. This is accomplished
840 by encrypting the last ciphertext block in ECB mode, and XOR'ing the output against the last partial block of plaintext. LibTomCrypt does not
841 support this mode directly but it is fairly easy to emulate with a call to the cipher's ecb\_encrypt() callback function.
846 \index{CBC Mode} \index{CTR Mode}
847 \index{OFB Mode} \index{CFB Mode}
848 The library provides simple support routines for handling CBC, CTR, CFB, OFB and ECB encoded messages. Assuming the mode
850 use that mode. They have identical setup routines (except CTR and ECB mode):
880 is a pointer to the structure you want to hold the information for the mode of operation.
883 In the case of CTR mode there is an additional parameter \textit{ctr\_mode} which specifies the mode that the counter is to be used in.
886 increment then encrypt is also supported. By OR'ing \textbf{LTC\_CTR\_RFC3686} with the CTR \textit{mode} value, ctr\_start() will increment
916 To decrypt in either mode, perform the setup like before (recall you have to fetch the IV value you used), and use the decrypt routine on all of the blocks.
919 To change or read the IV of a previously initialized chaining mode use the following two functions.
932 The XXX\_getiv() functions will read the IV out of the chaining mode and store it into \textit{IV} along with the length of the IV
933 stored in \textit{len}. The XXX\_setiv will initialize the chaining mode state as if the original IV were the new IV specified. The length
938 What the \textit{setiv} function will do depends on the mode being changed. In CBC mode, the new IV replaces the existing IV as if it
939 were the last ciphertext block. In CFB mode, the IV is encrypted as if it were the prior encrypted pad. In CTR mode, the IV is encrypted without
940 first incrementing it (regardless of the LTC\_CTR\_RFC3686 flag presence). In F8 mode, the IV is encrypted and becomes the new pad. It does not change
942 seeking within the session. In OFB mode, the IV is encrypted and becomes the new pad.
973 /* start up CTR mode */
1032 \subsection{LRW Mode}
1033 LRW mode is a cipher mode which is meant for indexed encryption like used to handle storage media. It is meant to have efficient seeking and overcome the
1034 security problems of ECB mode while not increasing the storage requirements. It is used much like any other chaining mode except with two key differences.
1039 To initialize LRW mode use:
1096 \subsection{F8 Mode}
1097 \index{F8 Mode}
1098 The F8 Chaining mode (see RFC 3711 for instance) is yet another chaining mode for block ciphers. It behaves much like CTR mode in that it XORs a keystream
1099 against the plaintext to encrypt. F8 mode comes with the additional twist that the counter value is secret, encrypted by a \textit{salt key}. We
1100 initialize F8 mode with the following function call:
1113 This will start the F8 mode state using \textit{key} as the secret key, \textit{IV} as the counter. It uses the \textit{salt\_key} as IV encryption key
1130 These will encrypt or decrypt a variable length array of bytes using the F8 mode state specified. The length is specified in bytes and does not have to be a multiple
1158 \subsection{EAX Mode}
1159 LibTomCrypt provides support for a mode called EAX\footnote{See
1160 M. Bellare, P. Rogaway, D. Wagner, A Conventional Authenticated-Encryption Mode.} in a manner similar to the way it was intended to be used
1161 by the designers. First, a short description of what EAX mode is before we explain how to use it. EAX is a mode that requires a cipher,
1163 authentication\footnote{Note that since EAX only requires OMAC and CTR you may use \textit{encrypt only} cipher descriptors with this mode.}.
1169 The mode can then process plaintext producing ciphertext as well as compute a partial checksum. The actual checksum
1171 sized message block to send to the recipient as ciphertext. This makes the EAX mode especially suited for streaming modes
1174 The mode is initialized with the following function.
1193 encrypted in EAX mode. Note: if \textit{headerlen} is zero you may pass \textit{header} as \textbf{NULL} to indicate there is no initial header data.
1195 To encrypt or decrypt data in a streaming mode use the following.
1238 The EAX mode code can be tested to ensure it matches the test vectors by calling the following function:
1330 \subsection{OCB Mode}
1331 LibTomCrypt provides support for a mode called OCB\footnote{See
1332 P. Rogaway, M. Bellare, J. Black, T. Krovetz, \textit{OCB: A Block Cipher Mode of Operation for Efficient Authenticated Encryption}.}
1333 . OCB is an encryption protocol that simultaneously provides authentication. It is slightly faster to use than EAX mode
1349 This mode has no \textit{Associated Data} like EAX mode does which means you cannot authenticate metadata along with the stream.
1438 \subsection{CCM Mode}
1439 mode,
1440 it is only meant for \textit{packet} mode where the length of the input is known in advance. Since it is a packet mode function, CCM only has one
1541 \subsection{GCM Mode}
1542 Galois counter mode is an IEEE proposal for authenticated encryption (also it is a planned NIST standard). Like EAX and OCB mode, it can be used in a streaming capacity
1543 however, unlike EAX it cannot accept \textit{additional authentication data} (meta--data) after plaintext has been processed. This mode also only works with
1602 the mode \textit{pt} is the input and \textit{ct} is the output (or vice versa). When \textit{direction} equals \textbf{GCM\_ENCRYPT} the plaintext is read,
2014 An addition to the suite of hash functions is the \textit{Cipher Hash Construction} or \textit{CHC} mode. In this mode
2337 The PMAC\footnote{J.Black, P.Rogaway, \textit{A Block--Cipher Mode of Operation for Parallelizable Message Authentication}}
2500 by using a cipher in CBC mode. It also uses a single key which it expands into the requisite three keys for the MAC function. A XCBC--MAC state is
5247 This mode (auto-detected with x86\_32,x86\_64 platforms with GCC or MSVC) configures various routines such as ctr\_encrypt() or
5251 This mode does have one downside. It can cause unaligned reads from memory if you are not careful with the functions. This is why
5257 By design the \textit{fast} mode functions won't get unaligned on their own. For instance, if you call ctr\_encrypt() right after calling
5267 If you do plan on using the \textit{LTC\_FAST} mode you have to also define a \textit{LTC\_FAST\_TYPE} macro which resolves to an optimal sized
5270 use this mode. So sad.
5279 dependency issues which are noted in the file. For instance, Yarrow requires CTR chaining mode, a block
5492 @param mode little or big endian counter (mode=0 or mode=1)
5500 int mode,
5574 @param direction Encrypt or Decrypt mode (GCM_ENCRYPT or GCM_DECRYPT)
5651 To initialize a cipher (for ECB mode) the function setup() was provided. It accepts an array of key octets \textit{key} of length \textit{keylen} octets. The user
5659 To process a single block in ECB mode the ecb\_encrypt() and ecb\_decrypt() functions were provided. The plaintext and ciphertext buffers are allowed to overlap so you
5677 These two functions are meant for cases where a user wants to encrypt (in ECB mode no less) an array of blocks. These functions are accessed
5688 updated by the function before returning. The \textit{mode} value indicates whether the counter is big (mode = CTR\_COUNTER\_BIG\_ENDIAN) or
5689 little (mode = CTR\_COUNTER\_LITTLE\_ENDIAN) endian.
5700 The \textit{CTR pad} is empty when a multiple (including zero) blocks of text have been processed. That is, if you pass in seven bytes to AES--CTR mode you would have to