
I want to encrypt with AES CCM* and I don't understand the nonce generation. The toolkit I'm using has a function to generate the nonce for CCM, but it needs the following params:

  1. param src_addr The MAC address in EUI-64 format.
  2. param frame_counter The MAC frame counter.
  3. param size_of_t AES-CCM* MAC (tag) byte size. Valid values = [0,4,8,16].

I know the MAC size, but how do I get the other parameters BEFORE even running init?

  • This is a programming question for a very specific library and is off-topic here. You may have more luck on StackOverflow provided you include the relevant code. – Marc Jan 17 '18 at 12:15
  • I guess I didn't phrase it well. I want to understand how to generate the nonce for AES CCM* mode. The IEEE says that: "The nonce N shall encode the potential values for M so that the actual value of M can be uniquely determined from N". I'm just asking how the nonce can be derived from the MAC while there is no MAC yet. – Anton Vainer Jan 17 '18 at 12:45
  • The MAC in "MAC address" and "MAC frame counter" refers to media access control, not "message authentication code". My guess is that this is a library for network encryption which uses the MAC address and frame number (message number for ethernet) as sources for the nonce. – Marc Jan 17 '18 at 14:41
  • So in testing it should be random? – Anton Vainer Jan 17 '18 at 15:38

1 Answer

> I know the MAC size but how do I get the other parameters BEFORE even running init?

This is one of the cases where you have to deal with two different expansions of the acronym "MAC": Medium Access Control and Message Authentication Tag. The first two points, i.e. the MAC address and the MAC frame counter, refer to the Media Access Control expansion, i.e. the (link-layer) address of the peer you want to communicate with and the (link-layer) sequence counter of the current message packet. The MAC tag size refers to the actual Message Authentication Code tag of CCM*.

> So in testing it should be random?

This depends on the tests you want to do. In some cases it makes sense to randomize these values, e.g. if you just test whether encryption and decryption work. In other cases, e.g. when you want to test against test vectors, the randomness will not be helpful / will make verification of operationality of the system harder.

SEJPM
  • The error I got in testing with a random nonce was only because the last byte of the nonce wasn't an encoding of the MAC size. – Anton Vainer Jan 17 '18 at 16:27
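
The nonce construction discussed in this thread, as an added example that is not the toolkit's code and not part of the original posts. It assumes the IEEE 802.15.4 style 13-byte layout (8-byte source address, 4-byte frame counter, 1-byte security level encoding the tag size, multi-byte fields most significant byte first); `security_level` and `build_nonce` are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>
#define NONCE_LEN 13 /* 8 address + 4 frame counter + 1 security level */

/* Map the CCM* tag size (0, 4, 8 or 16 bytes) to the security level byte;
 * bit 2 marks encryption. Returns -1 if invalid or if nothing is protected. */
int security_level(unsigned tag_len, int encrypted)
{
    int m;
    switch (tag_len) {
    case 0:  m = 0; break;
    case 4:  m = 1; break;
    case 8:  m = 2; break;
    case 16: m = 3; break;
    default: return -1;
    }
    if (m == 0 && !encrypted)
        return -1;
    return m | (encrypted ? 4 : 0);
}

/* Assumed layout: address and counter most significant byte first, then
 * the security level as the last byte. Returns 0 on success, -1 on error. */
int build_nonce(uint8_t nonce[NONCE_LEN], uint64_t src_addr,
                uint32_t frame_counter, unsigned tag_len, int encrypted)
{
    int level = security_level(tag_len, encrypted);
    /* An exhausted counter would force nonce reuse under the same key. */
    if (level < 0 || frame_counter == 0xFFFFFFFFu)
        return -1;
    for (int i = 0; i < 8; i++)
        nonce[i] = (uint8_t)(src_addr >> (56 - 8 * i));
    for (int i = 0; i < 4; i++)
        nonce[8 + i] = (uint8_t)(frame_counter >> (24 - 8 * i));
    nonce[12] = (uint8_t)level;
    return 0;
}

int main(void)
{
    uint8_t n[NONCE_LEN];
    /* Constructed sample values, not a published test vector. */
    if (build_nonce(n, 0x0011223344556677ULL, 5, 8, 1) != 0)
        return 1;
    for (int i = 0; i < NONCE_LEN; i++)
        printf("%02x", n[i]);
    printf("\n");
    return 0;
}
```

Because the address and counter are deterministic, every (key, address, counter) combination must be used at most once; a fully random 13-byte value fails as soon as its last byte does not match the tag size passed to CCM*.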