Difference between revisions of "OCB"
m (Grammar corrections) |
m (Fixed spelling; added link to test vectors.) |
||
Line 1: | Line 1: | ||
− | OCB is the Offset Code Book mode. The mode provides an efficient form of authenticated encryption with additional data, which is commonly referred to as an AEAD scheme. OCB mode is efficient because blocks of data are visited once to generate the cipher text and create the authentication tag. In contrast, modes like CCM, EAX and GCM visit the block of data twice - once to encrypt the data and once to create the authentication tag | + | OCB is the Offset Code Book mode. The mode provides an efficient form of authenticated encryption with additional data, which is commonly referred to as an AEAD scheme. OCB mode is efficient because blocks of data are visited once to generate the cipher text and create the authentication tag. In contrast, modes like CCM, EAX and GCM visit the block of data twice due to US patent encumbrances - once to encrypt the data and once to create the authentication tag. For more information, see Dr. David Wagner's comparison of AEAD schemes at [http://www.cryptopp.com/w/images/9/99/AEAD-Comparison.ppt.zip AEAD Comparison]. |
− | This mode has been patented by | + | This mode has been patented by Professor Phil Rogaway and licensed to OpenSSL with the license grant available [[Media:OCB-patent-grant-OpenSSL.pdf|here]]. Dr. Rogaway's paper can be found at [http://www.cs.ucdavis.edu/~rogaway/papers/ad.pdf Authenticated-Encryption with Associated-Data]. Test vectors and a reference implementation for interoperability testing can be found at [http://www.cs.ucdavis.edu/~rogaway/ocb/code-1.0.htm OCB 1.0 and PMAC 1.0: Code]. |
Revision as of 02:38, 26 November 2013
OCB is the Offset Code Book mode. The mode provides an efficient form of authenticated encryption with additional data, which is commonly referred to as an AEAD scheme. OCB mode is efficient because blocks of data are visited once to generate the cipher text and create the authentication tag. In contrast, modes like CCM, EAX and GCM visit the block of data twice due to US patent encumbrances - once to encrypt the data and once to create the authentication tag. For more information, see Dr. David Wagner's comparison of AEAD schemes at AEAD Comparison.
This mode has been patented by Professor Phil Rogaway and licensed to OpenSSL with the license grant available here. Dr. Rogaway's paper can be found at Authenticated-Encryption with Associated-Data. Test vectors and a reference implementation for interoperability testing can be found at OCB 1.0 and PMAC 1.0: Code.