From 16430f93b4df8ef34d306664a24c64881684046d Mon Sep 17 00:00:00 2001 From: Paul Kehrer Date: Sun, 15 Mar 2015 09:06:25 -0500 Subject: add keywrap test vectors from NIST From http://csrc.nist.gov/groups/STM/cavp/documents/mac/kwtestvectors.zip --- .../keywrap/kwtestvectors/Readme.txt | 27 ++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100755 vectors/cryptography_vectors/keywrap/kwtestvectors/Readme.txt (limited to 'vectors/cryptography_vectors/keywrap/kwtestvectors/Readme.txt') diff --git a/vectors/cryptography_vectors/keywrap/kwtestvectors/Readme.txt b/vectors/cryptography_vectors/keywrap/kwtestvectors/Readme.txt new file mode 100755 index 00000000..884b4988 --- /dev/null +++ b/vectors/cryptography_vectors/keywrap/kwtestvectors/Readme.txt @@ -0,0 +1,27 @@ +This zip file contains sample test vectors (values) for the following functions defined in +NIST SP 800-38F: + +1. AES Key Wrap Authenticated Encryption (KW-AE) and Authenticated Decryption (KW-AD) + - file names indicate direction (KW_AE or KW_AD), AES key length (128, 192 or 256). + e.g., KW_AE_128 mean AES Key Wrap Authenticated Encryption using AES-128. + - for KW-AE, 'inv' at end of file name indicates AES inverse cipher transformation used + - for KW-AD, 'inv' at end of file name indicates AES forward cipher transformation used (i.e., + authenticated decryption of ciphertext that has been *encrypted using AES inverse cipher function*) + - 5 plaintext lengths with 100 trials per plaintext length + - For each trial in KW-AE files, two inputs: key (K) and plaintext (P) and one output: resulting ciphertext (C) + - for each trial in KW-AD files, two inputs: key (K) and ciphertext (C) and one output: either the resulting + plaintext (P) or FAIL if ciphertext fails to authenticate. Should FAIL 20 times per 100 trials. + +2. AES Key Wrap with Padding Authenticated Encryption (KWP-AE) and Authenticated Decryption (KWP-AD) + - file names indicate same things as in (1.), just replace KW_ with KWP_ + - trials same as in (1.) + +3. TDEA Key Wrap Authenticated Encryption (TKW-AE) and Authenticated Decryption (TKW-AD) + - file names indicate same things as in (1.), just replace KW_ with TKW_, except for... + - only one key size, so no 128/192/256 in file name + - trials same as in (1.) + + +Refer to NIST SP 800-38F (December 2012) for more on these functions: + +http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-38F.pdf \ No newline at end of file -- cgit v1.2.3