CAVP Testing: Block Cipher Modes
Algorithm Specifications
Algorithm specifications for current FIPS-approved and NIST-recommended block cipher modes are available from the Cryptographic Toolkit.
Current testing includes the following block cipher modes:
For testing of ECB (Electronic Codebook), CBC (Cipher Block Chaining), OFB (Output Feedback),CFB (Cipher Feedback) and CTR (Counter) modes from SP 800-38A, see the CAVP block ciphers page.
Algorithm Validation Testing Requirements
CMAC: Block Cipher-based Message Authentication Code
The CMAC Validation System (CMACVS) specifies validation testing requirements for the CMAC mode in SP 800-38B.
Testing Notes
- As of 1-1-2016, TDES KO2 encrypt is no longer compliant. TDES KO2 decrypt is allowed for legacy use only. (See SP800-131A Revision 1.)
CCM: Counter with Cipher Block Chaining Message Authentication Code
The CCM Validation System (CCMVS) specifies validation testing requirements for the CCM mode in SP 800-38C.
Testing Notes
- As of 1-1-2016, TDES KO2 encrypt is no longer compliant. TDES KO2 decrypt is allowed for legacy use only. (See SP800-131A Revision 1.)
GCM, GMAC, XPN: Galois/Counter Mode, GCM Message Authentication Code, and GCM-AES-XPN mode
XTS-AES
KW, KWP and TKW: Key Wrapping and Authenticated Encryption and Decryption
The Key Wrap Validation System (KWVS) specifies validation testing requirements for the AES Key Wrap (KW), AES Key Wrap with Padding (KWP) and Triple DEA Key Wrap (TKW) modes in SP 800-38F.
Testing Notes
Validation Lists
Block cipher mode implementations validated by NIST are found in the AES and Triple DES validation lists as follows:
* A separate CCM Validation List, available for historical purposes, is no longer maintained. Its information is duplicated in the AES Validation List.
Test Vectors
Use of these test vectors does not replace validation obtained through the CAVP.
The test vectors linked below can be used to informally verify the correctness of the block cipher modes listed above.