Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Algorithm Validation Program

CAVP Testing: Block Cipher Modes

Algorithm Specifications

Algorithm specifications for current FIPS-approved and NIST-recommended block cipher modes are available from the Cryptographic Toolkit.

Current testing includes the following block cipher modes:

CMAC (SP 800-38B)
XTS-AES (SP 800-38E)
CCM (SP 800-38C)
KW / KWP / TKW (SP 800-38F)(Key Wrap using AES and Triple-DES)
GCM / GMAC / XPN (SP 800-38D and CMVP Annex A)
 

 

For testing of ECB (Electronic Codebook), CBC (Cipher Block Chaining), OFB (Output Feedback),CFB (Cipher Feedback) and CTR (Counter) modes from SP 800-38A, see the CAVP block ciphers page.


Algorithm Validation Testing Requirements

CMAC: Block Cipher-based Message Authentication Code

The CMAC Validation System (CMACVS) specifies validation testing requirements for the CMAC mode in SP 800-38B.

Testing Notes

  • As of 1-1-2016, TDES KO2 encrypt is no longer compliant. TDES KO2 decrypt is allowed for legacy use only. (See SP800-131A Revision 1.)

 

CCM: Counter with Cipher Block Chaining Message Authentication Code

The CCM Validation System (CCMVS) specifies validation testing requirements for the CCM mode in SP 800-38C.

Testing Notes

  • As of 1-1-2016, TDES KO2 encrypt is no longer compliant. TDES KO2 decrypt is allowed for legacy use only. (See SP800-131A Revision 1.)

GCM, GMAC, XPN: Galois/Counter Mode, GCM Message Authentication Code, and GCM-AES-XPN mode

The GCM, GMAC and XPN Validation System (GCMVS) specifies validation testing requirements for the GCM and GMAC modes in SP 800-38D and GCM-AES-XPN mode from IEEE Std 802.1AEbw-2013 (See CMVP Annex A).

Testing Notes

XTS-AES

The XTS-AES Validation System (XTSVS) specifies validation testing requirements for the XTS-AES mode in SP 800-38E.

Testing Notes

KW, KWP and TKW: Key Wrapping and Authenticated Encryption and Decryption

The Key Wrap Validation System (KWVS) specifies validation testing requirements for the AES Key Wrap (KW), AES Key Wrap with Padding (KWP) and Triple DEA Key Wrap (TKW) modes in SP 800-38F.

Testing Notes

Back to Top

Validation Lists

Block cipher mode implementations validated by NIST are found in the AES and Triple DES validation lists as follows:

* A separate CCM Validation List, available for historical purposes, is no longer maintained. Its information is duplicated in the AES Validation List.

Back to Top

Test Vectors

Use of these test vectors does not replace validation obtained through the CAVP.

The test vectors linked below can be used to informally verify the correctness of the block cipher modes listed above.

CMAC Test Vectors (SP 800-38B)
XTS-AES Test Vectors (SP 800-38E)
CCM Test Vectors (SP 800-38C)
Key Wrap Test Vectors (SP 800-38F)
GCM Test Vectors (SP 800-38D)
 
XPN Test Vectors (IEEE Std 802.1AEbw-2013 (See CMVP Annex A))
 
Back to Top

Created October 05, 2016, Updated February 09, 2018