Study of the IEEE Standard 1619.1: Authenticated Encryption with Length Expansion for Storage Devices

Abstract

This Thesis will analyze the standard 1619.1 published by the IEEE. The aim of this standard is to provide authenticated encryption to stored data with AES algorithm working in XTS mode. XTS-AES is a 128-bit block cipher characterized by the use of two AES encryptions with two different keys of the same size, tweak values to add uncertainty to cipher data, (2128) Galois fields and The Ciphertext Stealing technique for data units not perfectly divisible into 128-bit blocks. There is no unanimous agreement about the profits of this standard so various aspects such as the use of two different keys, implementation in other areas or the support of the storage industry will be a source of controversy. Some commercial software and hardware that implement XTS-AES encryption mode will be presented and used to test and analyze the security properties presented by the standard IEEE 1619.1. Keywords. AES, XTS, Tweak values, Ciphertext Stealing, XTS-AES Comments.