Try the new CSRC.nist.gov and let us know what you think!
(Note: Beta site content may not be complete.)

View the beta site
NIST Logo and ITL Banner Link to the NIST Homepage Link to the ITL Homepage Link to the NIST Homepage

CAVP Testing: Block Cipher Modes

Algorithm Specifications

Algorithm specifications for current FIPS-approved and NIST-recommended block cipher modes are available from the Cryptographic Toolkit.

Current testing includes the following block cipher modes:

CMAC (SP 800-38B)

CCM (SP 800-38C)

GCM / GMAC / XPN (SP 800-38D and CMVP Annex A)

XTS-AES (SP 800-38E)

KW / KWP / TKW (SP 800-38F)
(Key Wrap using AES and Triple-DES)

For testing of ECB (Electronic Codebook), CBC (Cipher Block Chaining), OFB (Output Feedback), CFB (Cipher Feedback) and CTR (Counter) modes from SP 800-38A, see the CAVP block ciphers page.

Algorithm Validation Testing Requirements

CMAC: Block Cipher-based Message Authentication Code

The CMAC Validation System (CMACVS) specifies validation testing requirements for the CMAC mode in SP 800-38B.

Testing Notes

    As of 1-1-2016, TDES KO2 encrypt is no longer compliant. TDES KO2 decrypt is allowed for legacy use only. (See SP800-131A Revision 1.)

 

CCM: Counter with Cipher Block Chaining Message Authentication Code

The CCM Validation System (CCMVS) specifies validation testing requirements for the CCM mode in SP 800-38C.

Testing Notes

    As of 1-1-2016, TDES KO2 encrypt is no longer compliant. TDES KO2 decrypt is allowed for legacy use only. (See SP800-131A Revision 1.)

 

GCM, GMAC, XPN: Galois/Counter Mode, GCM Message Authentication Code, and GCM-AES-XPN mode

The GCM, GMAC and XPN Validation System (GCMVS) specifies validation testing requirements for the GCM and GMAC modes in SP 800-38D and GCM-AES-XPN mode from IEEE Std 802.1AEbw-2013 (See CMVP Annex A).

Testing Notes

 

XTS-AES

The XTS-AES Validation System (XTSVS) specifies validation testing requirements for the XTS-AES mode in SP 800-38E.

Testing Notes

 

KW, KWP and TKW: Key Wrapping and Authenticated Encryption and Decryption

The Key Wrap Validation System (KWVS) specifies validation testing requirements for the AES Key Wrap (KW), AES Key Wrap with Padding (KWP) and Triple DEA Key Wrap (TKW) modes in SP 800-38F.

Testing Notes

 

Back to Top

Validation Lists

Block cipher mode implementations validated by NIST are found in the AES and Triple DES validation lists as follows:

* A separate CCM Validation List, available for historical purposes, is no longer maintained. Its information is duplicated in the AES Validation List.

Back to Top

 

Test Vectors

Use of these test vectors does not replace validation obtained through the CAVP.

The test vectors linked below can be used to informally verify the correctness of the block cipher modes listed above.

CMAC Test Vectors (SP 800-38B)

CCM Test Vectors (SP 800-38C)

GCM Test Vectors (SP 800-38D)

XPN Test Vectors (IEEE Std 802.1AEbw-2013 (See CMVP Annex A))

XTS-AES Test Vectors (SP 800-38E)

Key Wrap Test Vectors (SP 800-38F)

Back to Top