📝Galois/Counter Mode (GCM) and GMAC

tags

§ Cryptography Block cipher mode of operation

RFC

RFC 5288 - AES Galois Counter Mode (GCM) Cipher Suites for TLS

• Encryption is the same as Counter (CTR) mode but adds Galois field multiplication to compute message authentication code.

• MAC algorithm

  • encrypt 128 bits of zeros, run through GHASH

  • xor/ghash with non-encrypted AD (Authentication Data) (optional)

  • xor/ghash with ciphertext

  • xor/ghash with concatenated length of AD (64 bit) and Plaintext (64 bit)

  • finally, xor with encrypted initialization vector + counter 0

  • the result is authentication tag

• GHASH is a multiplication (in Galois Field) by H (= E_k(0¹²⁸) ) (encrypted zeros)

Backlinks

• 📝 Block cipher mode of operation
• 📝 § Cryptography