U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

Block Cipher Techniques

Modes Development

Proposed Modes

This page contains links to the proposals for block cipher modes of operation (modes, for short) that have been submitted to NIST for consideration.

NIST maintains this page in order to facilitate public review of the modes; comments may be submitted to EncryptionModes@nist.gov.

Appearance of a mode in this list does not constitute endorsement or approval by NIST. See the Current Modes page for descriptions of the modes that are currently approved.

For each proposal below, links are given to the available documentation, as described in the following list of abbreviations:

Abbreviations for "Available Documentation"

SP - Mode Specification CD - Code (link to other site)
AD - Additional Documentation TV - Test Vectors
IP - Intellectual Property Statements SU - Summary Table or Outline

(The links within the key table itself refer to the corresponding section of the submission guidelines)

All documentation is provided on a voluntary basis by the submitters. In particular, if there is no active link to an intellectual property statement, then the submitter has not provided one to NIST.

The modes proposals are organized into the three tables below:

 

AUTHENTICATION ENCRYPTION MODES

Mode Full Mode Name Available Documentation
AES-GCM-SIV Galois/Counter Mode-Synthetic Initialization Vector
Shay Gueron, Adam Langley, Yehuda Lindell
(Posted May 17, 2019)
SP1 | SP2 | AD
IP | CD1 | CD2
EAX A Conventional Authenticated-Encryption Mode
M. Bellare, P. Rogaway, D. Wagner
(Posted October 3, 2003)
SP | AD | IP
TV |  SU
GCM Galois/Counter Mode
D. McGrew, J. Viega
(Revised specifcation posted June 2, 2005)
SP | AD1 | AD2
IP | TV | SU
OCB Offset Codebook
P. Rogaway
SP | AD | IP
CD | TV | SU

AUTHENTICATION MODES

Mode Full Mode Name Available Documentation
OMAC OMAC: One-Key CBC
T. Iwata, K. Kurosawa
(Posted December 20, 2002)
SP | AD | IP
TV | SU

ENCRYPTION MODES

Mode Full Mode Name Available Documentation
DFF Delegatable Feistel-based Format-preserving Encryption Mode
J. Vance, M. Bellare
(Posted on Nov. 9, 2015 as replacement for VAES3 proposal)
SP | AD | IP1
IP2 | TV | SU
FFX Format-preserving Feistel-based Encryption Mode
M. Bellare, P. Rogaway, T. Spies
(April 12, 2010: Version 1.1 replacing Version 1.0)
SP | SP2 | AD
IP | TV | SU
RAC Random Access Counter
J. Anderson
(Posted May 15, 2015)
SP | AD | IP
CD | TV | SU

The Internet Archive has an archive copy of NIST's Mode Development site (as of August 29, 2017), which includes other block cipher modes of operation that have been submitted  to NIST but that are not included on this page

Created January 04, 2017, Updated June 22, 2020