Sunday, February 12, 2023

Proposal to Update NIST SP 800-38E, Using the XTS-AES Mode for Confidentiality on Storage Devices

 In August 2021, NIST's Crypto Publication Review Board announced the review of NIST Special Publication (SP) 800-38E, Recommendation for Block Cipher Modes of Operation: the XTS-AES Mode for Confidentiality on Storage Devices. In response, NIST received public comments.

NIST proposes to update SP 800-38E to address the editorial suggestions in the public comments. In particular, the updated publication will mention the security vulnerability that results when the two AES (sub)keys are improperly generated to be identical, as discussed in Annex C.I of Implementation Guidance for FIPS 140-3 and the Cryptographic Module Validation Program.

The updated SP 800-38E would be published without a period of public comment.

Submit your comments on this decision proposal by March 10, 2023. See the full announcement, which includes NIST’s rationale for this proposal and instructions for submitting comments.

Read More