# ๐Galois/Counter Mode (GCM) and GMAC

- tags
- ยง Cryptography Block cipher mode of operation
- RFC
- RFC 5288 - AES Galois Counter Mode (GCM) Cipher Suites for TLS

- Encryption is the same as Counter (CTR) mode but adds Galois field multiplication to compute message authentication code.
MAC algorithm

- encrypt 128 bits of zeros, run through GHASH
- xor/ghash with non-encrypted AD (Authentication Data) (optional)
- xor/ghash with ciphertext
- xor/ghash with concatenated length of AD (64 bit) and Plaintext (64 bit)
- finally, xor with encrypted initialization vector + counter 0
- the result is authentication tag

- GHASH is a multiplication (in Galois Field) by H (= E
_{k}(0^{128}) ) (encrypted zeros)