Cryptography Reference
In-Depth Information
{
unsigned char *plaintext = ( unsigned char * )
malloc( input_len - MAC_LENGTH );
if ( key_len == 16 )
{
if ( aes_ccm_decrypt( input, input_len, addl_data, addldata_len,
plaintext, ( void * ) iv, key ) )
{
fprintf( stderr, “Error, MAC mismatch.\n” );
}
}
show_hex( plaintext, input_len - MAC_LENGTH );
free( plaintext );
free( iv );
free( key );
free( input );
free( addl_data );
return 0;
}
#endif
Now, you can see an AES-CCM encryption in action:
[jdavies@localhost ssl]$ ./aes -e “@ABCDEFGHIJKLMNO” “12345678” “tuvwxyz” “abc”
404855688058bb65f9c511
Here, “@ABCDEFGHIJKLMNO” is the key, “12345678” is the nonce, “tuvwxyz”
is the associated data, and “abc” is the data to encrypt. The encrypted out-
put — the CTR-mode part — is the three bytes 0x404855 . The remainder of the
output is the eight-byte MAC 0x688058bb65f9c511 . This MAC is computed
over fi rst the header block 0x5f313233343536373800000000000003 . 0x5F is
the declaration that there is associated data, the MAC size is eight bytes, and
that the declaration of the length of the input takes up seven bytes. This is
followed by the nonce itself and the length of the input — in this case, three
bytes. The associated data is then added to the MAC — this is 0x0007747576
7778797a00000000000000 . Notice that the fi rst two bytes are the length of the
associated data, followed by the zero-padded associated data itself. Finally,
the plaintext input “abc” is added to the MAC (again, zero-padded). This fi nal
MAC block is AES-counter-mode encrypted with nonce 0: 0x3132333435363
7380000000000000000 .
This entire operation is illustrated in Figure 9-5.
Search WWH ::




Custom Search