1. Clear description of the referenced document:

Name: NIST SP 800-38D
Title: Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC

2. Status of approval:

Approved

3. Justification for the specific reference:

This recommendation allows for ciphers as specified in the reference.

4. Current information, if any, about IPR issues:

Some information may be available in the NIST Patents Database that can be accessed through http://patapsco.nist.gov/ts/220/sharedpatent/index.cfm

5. Other useful information describing the "Quality" of the document:

This Recommendation specifies the Galois/Counter Mode (GCM), an algorithm for authenticated encryption with associated data, and its specialization, GMAC, for generating a message authentication code (MAC) on data that is not encrypted. GCM and GMAC are modes of operation for an underlying approved symmetric key block cipher.

6. The degree of stability or maturity of the document:

SP 800-38D was published in 2007. Current standards status of this document can be found at http://www.csrc.nist.gov/publications/nistpubs/

7. Relationship with other existing or emerging documents:

8. Any explicit references within that referenced document should also be listed:

[1] Ferguson, N., Authentication Weaknesses in GCM, Natl. Inst. Stand. Technol. [Web page], http://www.csrc.nist.gov/groups/ST/toolkit/BCM/documents/comments/CWC-GCM/Ferguson2.pdf, May 20, 2005.
[2] FIPS Publication 197, The Advanced Encryption Standard (AES), U.S. DoC/NIST, November 26, 2001.
[3] FIPS Publication 140-2, Security Requirements for Cryptographic Modules, U.S. DoC/NIST, May 25, 2001.
[4] IEEE P1619.1™/D23, Draft Standard for Authenticated Encryption with Length Expansion for Storage Devices.
[5] A. Joux, Authentication Failures in NIST version of GCM, Natl. Inst. Stand. Technol. [Web page], http://www.csrc.nist.gov/groups/ST/toolkit/BCM/documents/comments/800-38_Series-Drafts/GCM/Joux_comments.pdf.
[6] D. McGrew, J. Viega, The Galois/Counter Mode of Operation (GCM), Natl. Inst. Stand. Technol. [Web page], http://www.csrc.nist.gov/groups/ST/toolkit/BCM/documents/proposedmodes/gcm/gcm-revised-spec.pdf, May 31, 2005.
[7] D. McGrew and J. Viega. The Security and Performance of the Galois/Counter Mode (GCM) of Operation. Proceedings of INDOCRYPT ’04, Springer-Verlag, 2004. Full paper available from the IACR Cryptology ePrint Archive: Report 2004/193, [Web page], http://eprint.iacr.org/2004/193/, October 7, 2004.
[9] National Institute of Standards and Technology and Communications Security Establishment, Implementation Guidance for FIPS Pub. 140-2 and the Cryptographic Module Validation Program, Natl. Inst. Stand. Technol. [Web page], http://csrc.nist.gov/groups/STM/cmvp/documents/fips140-2/FIPS1402IG.pdf.
[10] NIST Special Publication 800-38A, 2001 ED, Version 1, Recommendation for Block Cipher Modes of Operation—Methods and Techniques, December 2001, Natl. Inst. Stand. Technol. [Web page], http://www.csrc.nist.gov/publications/nistpubs/800-38a/sp800-38a.pdf.

9. Qualification of NIST:

NIST is recognized under the provisions of ITU-T Recommendation A.5. Qualifying information is on file in TSB.

10. Other (for any supplementary information):