The Galois/Counter Mode (GCM) of operation has been standardized by NIST to provide single-pass authenticated encryption. The GHASH authentication component of GCM belongs to a class of Wegman-Carter polynomial universal hashes that operate in the field GF(2^128). GCM uses the same block cipher key K both to encrypt data and to derive the generator H of the authentication polynomial. In present literature, only the trivial weak key H = 0 has been considered. In this note we show that GHASH has much wider classes of weak keys, analyze some of their properties, and give experimental results when GCM is used with the AES algorithm.
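As an added illustration (not code from the paper), the following Python implements the GF(2^128) multiplication and the GHASH polynomial evaluation exactly as specified in NIST SP 800-38D, checks it against the published GCM test vector with the all-zero AES-128 key (where H = AES_K(0^128) = 66e94bd4ef8a2c3b884cfa59ca342b2e and the single ciphertext block is 0388dace60b6a392f328c2b971b2fe78, both hard-coded so no AES library is needed), and shows concretely why H = 0 is the trivial weak key: every block is multiplied by H, so the authenticator collapses to zero regardless of the data it is supposed to authenticate. The function names `gf128_mul`, `ghash` and `is_trivial_weak_key` are this example's own choices.

```python
# Added example: GHASH per NIST SP 800-38D, plus the trivial weak key H = 0.
# Reduction constant R = 11100001 || 0^120 in GCM's bit ordering, where
# "bit 0" of a block is the most significant bit of its first byte.
R = 0xE1 << 120


def gf128_mul(x: int, y: int) -> int:
    """Multiply x and y in GF(2^128) using GCM's bit convention (SP 800-38D, Algorithm 1)."""
    z = 0
    v = x
    for i in range(128):
        if (y >> (127 - i)) & 1:      # bit i of y, counted from the MSB
            z ^= v
        # v <- v * alpha, reducing by R whenever the low (degree-127) bit shifts out
        if v & 1:
            v = (v >> 1) ^ R
        else:
            v >>= 1
    return z


def _blocks(data: bytes):
    """Yield 16-byte blocks of data, zero-padding the final partial block."""
    for i in range(0, len(data), 16):
        yield data[i:i + 16].ljust(16, b"\x00")


def ghash(h: bytes, aad: bytes, ciphertext: bytes) -> bytes:
    """GHASH_H(A, C): Horner evaluation at H of the polynomial whose
    coefficients are the AAD blocks, ciphertext blocks and the length block."""
    hk = int.from_bytes(h, "big")
    y = 0
    for block in list(_blocks(aad)) + list(_blocks(ciphertext)):
        y = gf128_mul(y ^ int.from_bytes(block, "big"), hk)
    length_block = (len(aad) * 8).to_bytes(8, "big") + (len(ciphertext) * 8).to_bytes(8, "big")
    y = gf128_mul(y ^ int.from_bytes(length_block, "big"), hk)
    return y.to_bytes(16, "big")


def is_trivial_weak_key(h: bytes) -> bool:
    """The weak key discussed in prior literature: H = 0 makes GHASH constant."""
    return int.from_bytes(h, "big") == 0


# Published GCM test vector (zero AES-128 key, zero 96-bit IV, one zero plaintext block).
# H and the ciphertext block are hard-coded here so the example runs without AES.
TEST_H = bytes.fromhex("66e94bd4ef8a2c3b884cfa59ca342b2e")
TEST_C = bytes.fromhex("0388dace60b6a392f328c2b971b2fe78")
TEST_GHASH = bytes.fromhex("f38cbb1ad69223dcc3457ae5b6b0f885")


def check_test_vector() -> bool:
    """Return True if our GHASH reproduces the published value for the vector above."""
    return ghash(TEST_H, b"", TEST_C) == TEST_GHASH


def weak_key_collides(h: bytes, msg1: bytes, msg2: bytes) -> bool:
    """True when two different ciphertexts produce the same GHASH under h.
    For h = 0 this is always the case, which is exactly what makes it weak."""
    return msg1 != msg2 and ghash(h, b"", msg1) == ghash(h, b"", msg2)


if __name__ == "__main__":
    print("test vector ok:", check_test_vector())
    zero_h = bytes(16)
    print("H = 0 is trivial weak key:", is_trivial_weak_key(zero_h))
    print("H = 0 collides on distinct inputs:", weak_key_collides(zero_h, b"alpha", b"beta"))
    # A non-zero H does not collapse like this (though other weak classes exist).
    print("real H collides on same inputs:", weak_key_collides(TEST_H, b"alpha", b"beta"))
```

The `gf128_mul` loop is the textbook bit-serial form, chosen for clarity over speed; a production implementation would use table-driven or carry-less-multiply routines, but the algebra (and the weak-key behaviour) is identical.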
Markku-Juhani O. Saarinen