[Botan-devel] AES/CTR-BE nonces

Jack Lloyd lloyd at randombit.net
Sat Jul 17 08:41:40 EDT 2010


On Sun, Jul 11, 2010 at 09:40:24PM -0400, jonny ram wrote:
> When performing AES-256 encryption in CTR mode, should nonces be considered
> synonymous with initialization vectors?

Yes, they are equivalent terms for the same thing.

> Specifically, when performing encryption or decryption should the
> nonce be included as the third parameter in get_cipher()? Some
> AES/CTR libraries seem to have 8-byte nonces, which can't be set as
> an IV in Botan because they are too small.

I added support for shorter CTR IVs in 1.9.1. Before that version, you
can append enough zeros to get it to 16 bytes; this should
interoperate with libraries taking short nonces.

-Jack



More information about the botan-devel mailing list