Encrypt plain text input using a modified AES-256 Galois/Counter Mode (GCM) block cipher. Output the hexidecimal representation of the encrypted message with a 128-bit authenication tag adjoined to the end. The modified AES-256 is the same algorithm but with additional AES rounds. Instead of the standard 14 rounds for each block, cycle through the hexidecimal aad provided where each byte is the number of rounds for the current block. Once the aad has completed, start over from the beginning again. Also use the same sequence to determine the authenication tag. All other AES calls outside of the blocks is standard AES. One additional change is that the key expansion is the same but when applying add round key, use the round key modulo 14 (i.e., round 15 should use round key 1, round 20 should use round key 6).
Inputs:
256-bit hexidecimal AES-256 secret key, 96-bit hexidecimal IV, plain text character array, hexidecimal Additional Authenticated Data (aad).
Output:
Hexidecimal representation of the encrypted message with a 128-bit authenication tag (also in hexidecimal) adjoined to the end.
Solution Stats
Problem Comments
3 Comments
Solution Comments
Show comments
Loading...
Problem Recent Solvers2
Suggested Problems
More from this Author65
Problem Tags
Community Treasure Hunt
Find the treasures in MATLAB Central and discover how the community can help you!
Start Hunting!
David, how is the authentication tag formed — specifically what block gets encrypted and XORed with what, and the GHASH bit/field convention you used?
Thanks,
George Berken
Same as you did for the previous problem. Only difference is the number of rounds done in the modified AES block starts at the first byte of the aad string and same for the add round key application as provided above. Are you passing any of the tests? Your previous algorithm should pass the first test when you add in the aad in accordance with the standard. The next test just uses 13 rounds for all the block modified AES rounds including the authentication tag AES round blocks. Third and follow on tests use an aad sequence for each subsequent modified AES for providing the number of AES rounds in each block. All other aspects of AES remain the same except you have to reuse some of the expanded key words based on the modulo-14 of the round (14==14, 15==1, etc.). Normal AES is always used for encoding the zeros(1,128) array. Once you pass the first two tests you should be close to passing the rest.
David, that clears up what I was doing wrong. Thank you. Your problems are always challenging to me.