Submissions should specify a mode of operation for a symmetric (secret) key block cipher algorithm. At a minimum, the mode should support underlying block ciphers with key-block combinations of 128-128, 192-128, and 256-128 bits. However, the specification should be generic – i.e., written to handle other key-block combinations, if they can be supported. Example modes include, but are not limited to, techniques for performing encryption, message authentication, hashing, and random bit generation. It will be helpful to receive variations of Counter mode arising from alternative methods/guidelines for prescribing the generation of counters.
NIST requests that submissions of modes of operation include the following six items:
The cover sheet shall contain the following information:
To assist NIST and the public to draw comparisons and contrasts between the various candidate modes, the submissions should include a table or outline that identifies the following characteristics:
Test vectors should be included in submissions to provide outside implementers with some indication that their implementations of the mode are valid; however, the test vectors need not systematically exercise every element of the mode. The test vectors should meet the following requirements:
Where possible, performance should be estimated in terms of the number of invocations of the underlying block cipher. If the estimate depends on the underlying block cipher, then, at a minimum, estimates should be provided for the AES algorithm.
If actual performance data is given, the conditions of the implementation should be described in sufficient detail so that the estimates could be verified by the public.
Submitters should disclose any intellectual property that they hold on the modes in their submissions, and any other intellectual property that is relevant to any of the modes. Submitters should also provide statements describing what, if any, licensing agreement will be required for the use of their mode.
Security and Privacy: encryption, message authentication