Libgcrypt CTR Mode Counter Value

Werner Koch wk at
Mon May 16 11:39:01 CEST 2011

On Fri, 13 May 2011 18:41, nehakochar1 at said:

> But the CAVP or FIPS algorithm certificate for Libgcrypt's AES mentions that
> its CTR mode uses internal counter. Can someone please explain how?

Right.  However, you need to set the start value.

> Also, if the counter is indeed sourced internally, how does Libgcrypt ensure
> that the counter values are always unique as specified in NIST SP800-38a
> standard?

Using something like


which is what counter mode is about.

I have not read FIPS documents for some time so I don't know exactly
what the AES specs exactly mean by internal and external counter.



Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.

More information about the Gcrypt-devel mailing list