Does random IVs in CTR block cipher mode combined with XOR allow to encrypt number of blocks up to the same numeric count of IV?

phantomcraft

7/24/23, 12:40 AM

I read about CTR block cipher mode in Wikipedia: "If the IV/nonce is random, then they can be combined with the counter using any invertible operation (concatenation, addition, or XOR) to produce the actual unique counter block for encryption."

Let's suppose I want to make a enciphering scheme with CTR and AES in which I XOR the counter value with the full IV.

Does it have advantage over combining a Nonce+Counter?

If the block size is 128-bits, does XORing a 128-bit counter onto a random IV allow to encrypt up to 2^128 blocks?

0 + 0

block-cipher

xor

ctr

nonce

blocksize

kelalaka

7/24/23, 9:59 PM

The small problem of x-or is the additional x-or operation per block. Once nonce||counter is set, there is no operation other than the increment. Though the counter in the normal mode limits the number of blocks to encrypt under the same (key,nonce) this is most necessary since AES is a PRP that has a long message distinguished from PRF. Xoring on the other hand has no limit is set explicitly due to the boundaries. In short, there is not much difference.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Does random IVs in CTR block cipher mode combined with XOR allow to encrypt number of blocks up to the same numeric count of IV?

TH: IV แบบสุ่มในโหมดการเข้ารหัสบล็อก CTR รวมกับ XOR อนุญาตให้เข้ารหัสจำนวนบล็อกได้มากถึงจำนวน IV ที่เท่ากันหรือไม่

RO: IV-urile aleatoare în modul de criptare bloc CTR combinate cu XOR permit criptarea numărului de blocuri până la același număr de IV?

RU: Позволяет ли случайный IV в режиме блочного шифрования CTR в сочетании с XOR шифровать количество блоков до того же числа, что и IV?

VI: IV ngẫu nhiên trong chế độ mật mã khối CTR kết hợp với XOR có cho phép mã hóa số lượng khối lên đến cùng số IV không?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.