1

(8 replies, posted in wolfCrypt)

Hi Kaleb,

The reason why I've considered stream encoding is that I need ability to encode big amounts of data (several gigs) of fixed size with low memory footprint (less than 50 megabytes) using AES-GCM. The idea is to divide big input into chunks of apropriate size, load and process them one by one until entire input is processed. With current implementation of AES-GCM in WolfSSL we are unable to do that as it requires entire input to be preloaded.

One of possible solutions is to calculate authentication tag on the fly during encryption. Intermediate authentication tag vaules could be saved into Aes structure. Message authentication could also be implemented using streaming approach or be combined with decryption.

Regards,
Yaroslav

2

(8 replies, posted in wolfCrypt)

Hi Kaleb,

I'm trying to optimize existing system which uses AES-GCM to be able to process big input with low memory footprint.

Regards,
Yaroslav

3

(8 replies, posted in wolfCrypt)

Hi,
I'm trying to implement AES-GCM stream encryption, but it seems WolfSSL doesn't provide such feature for GCM mode, while it does for CBC mode.
Encrypted output of the following processing

wc_AesGcmEncrypt(&enc, buffer.data(), s_plain_text.data(), 0xf,    s_iv.data(), s_iv.size(), auth_tag.data(), auth_tag.size(), aad.data(), aad.size());

wc_AesGcmEncrypt(&enc, buffer.data() + 0xf, s_plain_text.data() + 0xf, s_plain_text.size() - 0xf, s_iv.data(), s_iv.size(), auth_tag.data(), auth_tag.size(), aad.data(), aad.size());

is not the same as of such one

wc_AesGcmEncrypt(&enc, buffer.data(), s_plain_text.data(), s_plain_text.size(), s_iv.data(), s_iv.size(), auth_tag.data(), auth_tag.size(), aad.data(), aad.size());

I debugged a bit and found that Aes structure which is passed to wc_AesGcmEncrypt is not changed between wc_AesGcmEncrypt invocations, so counter value is not stored.

Is there another way of doing AES-GCM stream encryption or is it planned to add such feature?

Thanks in advance,
Yaroslav