The AES key wrap is designed to wrap or encrypt key data. The key wrap operates on blocks of 64 bits. Before being wrapped, the key data is parsed into n blocks of 64 bits. The only restriction the key wrap algorithm places on n is that n be at least two. (For key data with length less than or equal to 64 bits, the constant field used in this specification and the key data form a single 128-bit codebook input, making this key wrap unnecessary.) It is recognized that n ≤ 4 will accommodate all supported AES key sizes. However, other cryptographic values often need to be wrapped. One such value is the seed of the random number generator for DSS (Digital Signature Standard). This seed value requires n > 4. Undoubtedly, other values require this type of protection. Therefore, no upper bound is imposed on n.
The AES key wrap can be configured to use any of the three key sizes supported by the AES codebook. The choice of a key size affects the overall security provided by the key wrap, but it does not alter the description of the key wrap algorithm.
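The wrap and unwrap structure described above, as specified in RFC 3394, written out as an added example that is not code from the original page. `StandInCodebook` is a constructed placeholder permutation, not AES (the Python standard library has no AES), so its output will not match AES key wrap test vectors; the function and class names are assumptions of this example.

```python
import hashlib, hmac

ICV = bytes.fromhex("A6A6A6A6A6A6A6A6")  # 64-bit constant field (RFC 3394 default)

def _xor(x, y):
    return bytes(p ^ q for p, q in zip(x, y))

class StandInCodebook:
    """Constructed 128-bit Feistel permutation keyed with HMAC-SHA-256.
    NOT AES: it only fills the codebook slot so this runs on the stdlib."""
    def __init__(self, kek):
        self.kek = kek
    def _f(self, rnd, half):
        return hmac.new(self.kek, bytes([rnd]) + half, hashlib.sha256).digest()[:8]
    def encrypt(self, block):
        l, r = block[:8], block[8:]
        for rnd in range(4):
            l, r = r, _xor(l, self._f(rnd, r))
        return l + r
    def decrypt(self, block):
        l, r = block[:8], block[8:]
        for rnd in reversed(range(4)):
            l, r = _xor(r, self._f(rnd, l)), l
        return l + r

def wrap(cb, key_data):
    if len(key_data) % 8 or len(key_data) < 16:
        raise ValueError("key data must be n >= 2 blocks of 64 bits")
    a, r = ICV, [key_data[i:i + 8] for i in range(0, len(key_data), 8)]
    n = len(r)
    for j in range(6):                      # 6 passes over the n blocks
        for i in range(n):
            b = cb.encrypt(a + r[i])        # one 128-bit codebook input
            a = _xor(b[:8], (n * j + i + 1).to_bytes(8, "big"))  # mix in step counter
            r[i] = b[8:]
    return a + b"".join(r)                  # n + 1 blocks out

def unwrap(cb, wrapped):
    if len(wrapped) % 8 or len(wrapped) < 24:
        raise ValueError("wrapped data must be at least 3 blocks of 64 bits")
    a, r = wrapped[:8], [wrapped[i:i + 8] for i in range(8, len(wrapped), 8)]
    n = len(r)
    for j in reversed(range(6)):
        for i in reversed(range(n)):
            b = cb.decrypt(_xor(a, (n * j + i + 1).to_bytes(8, "big")) + r[i])
            a, r[i] = b[:8], b[8:]
    if not hmac.compare_digest(a, ICV):     # recovered constant field must match
        raise ValueError("integrity check failed: wrong KEK or modified data")
    return b"".join(r)
```

For real use, replace `StandInCodebook` with an object whose `encrypt` and `decrypt` apply AES to a single 16-byte block under the key-encryption key.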
TDKW is the analogue of AESKW with TDEA as the underlying block cipher. Therefore, a semiblock consists of 32 bits, and two semiblocks are essentially devoted to integrity protection.
AKW1 essentially employs two passes of CBC encryption. The first pass runs over the plaintext and a hash-based integrity check value; the second pass runs in reverse order over the results of the first pass.
AKW2 is essentially CBC mode encryption followed by CBC-MAC authentication of the header and cipher text, where the two keys are related to the key protection key, and hence to each other, by a constant exclusive-OR difference.
VOCAL offers a wide range of cryptographic solutions in both hardware and software form factors.