Is AES132 suitable for enormous read/write application?

Go To Last Post
2 posts / 0 new
Author
Message
#1
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

Consider a application scenario, where whether AES132 is useful or not?

 

On page 111, it is mentioned that After 255 Mac calculations Nonce command has to be run. 

And on page no. 18, it is written the RNG( used in Nonce) has life expectancy of 100,000 Write per unit.

So that means the total number of encryption related operation can be performed are : 25,500,000

 

Worst Case Scenario:

The user software is encrypting/decrypting the  user data (plaintext) SDCARD(connected to host controller). 

And if daily 1000 read/write operation with multiblock(10 x 128).

That will be 10000 operation related to encryption/decryption/Authentication etc.

 

That means the product will be useful for only for 25500000/(10000*365) = 6.98 Years

Is that analysis is correct (considering the assumption mentioned)?

 

--------------------------------------------------------------------------------------------------------------------

Instead, what if the the data to be encrypted is single block size and AES132 used in ECB mode.(Electronic Code Book)

Will there any Mac be needed? 

 

 

 

 

Last Edited: Wed. Apr 25, 2018 - 11:07 AM
  • 1
  • 2
  • 3
  • 4
  • 5
Total votes: 0

You don't have to reseed the RNG with every Nonce command. Bit 1 of the mode byte controls this behavior.

As the RNG itself is NIST certified as cryptographically secure, generating a new nonce (without reseeding) on MacCount rollover is perfectly adequate.

 

Typically you might reseed on every power cycle, or every 24 hours on clock rollover, or basically to any scheme of your choosing.

Given the 100,000 limit, you should plan reseeding according to the requirements and life expectancy of your app.

 

PS There's no MAC in ECB mode, it's a straight AES block encryption.

Last Edited: Wed. Apr 25, 2018 - 01:11 PM