Difference between revisions of "OCB"

From OpenSSLWiki
Jump to: navigation, search
(Barebones OCB page with link to patent grant file)
 
m (Added ciphers available for the mode.)
 
(4 intermediate revisions by 2 users not shown)
Line 1: Line 1:
OCB is the Offset Code Book mode.
+
OCB is the Offset Code Book mode. The mode provides an efficient form of authenticated encryption with additional data, which is commonly referred to as an AEAD scheme. OCB mode is efficient because blocks of data are visited once to generate the cipher text and create the authentication tag. In contrast, modes like CCM, EAX and GCM visit the block of data twice due to US patent encumbrances - once to encrypt the data and once to create the authentication tag. For more information, see Dr. David Wagner's comparison of AEAD schemes at [http://www.cryptopp.com/w/images/9/99/AEAD-Comparison.ppt.zip AEAD Comparison].
  
This mode has been patented by Prof Phil Rogaway and licensed to OpenSSL with the licence grant available [[Media:OCB-patent-grant-OpenSSL.pdf|here]]
+
This mode has been patented by Professor Phil Rogaway and licensed to OpenSSL with the license grant available [[Media:OCB-patent-grant-OpenSSL.pdf|here]]. Dr. Rogaway's paper can be found at [http://www.cs.ucdavis.edu/~rogaway/papers/ad.pdf Authenticated-Encryption with Associated-Data]. Test vectors and a reference implementation for interoperability testing can be found at [http://www.cs.ucdavis.edu/~rogaway/ocb/news/ OCB News and Code].
 +
 
 +
Please see [[EVP_Symmetric_Encryption_and_Decryption|EVP Symmetric Encryption and Decryption]] or [[EVP_Authenticated_Encryption_and_Decryption|EVP Authenticated Encryption and Decryption]]. The choice of <tt>EVP_CIPHER</tt> includes:
 +
 
 +
<pre>$ grep "EVP_.*_ocb" include/openssl/evp.h
 +
const EVP_CIPHER *EVP_aes_128_ocb(void);
 +
const EVP_CIPHER *EVP_aes_192_ocb(void);
 +
const EVP_CIPHER *EVP_aes_256_ocb(void);</pre>

Latest revision as of 19:27, 30 June 2016

OCB is the Offset Code Book mode. The mode provides an efficient form of authenticated encryption with additional data, which is commonly referred to as an AEAD scheme. OCB mode is efficient because blocks of data are visited once to generate the cipher text and create the authentication tag. In contrast, modes like CCM, EAX and GCM visit the block of data twice due to US patent encumbrances - once to encrypt the data and once to create the authentication tag. For more information, see Dr. David Wagner's comparison of AEAD schemes at AEAD Comparison.

This mode has been patented by Professor Phil Rogaway and licensed to OpenSSL with the license grant available here. Dr. Rogaway's paper can be found at Authenticated-Encryption with Associated-Data. Test vectors and a reference implementation for interoperability testing can be found at OCB News and Code.

Please see EVP Symmetric Encryption and Decryption or EVP Authenticated Encryption and Decryption. The choice of EVP_CIPHER includes:

$ grep "EVP_.*_ocb" include/openssl/evp.h
const EVP_CIPHER *EVP_aes_128_ocb(void);
const EVP_CIPHER *EVP_aes_192_ocb(void);
const EVP_CIPHER *EVP_aes_256_ocb(void);