Intel® Integrated Performance Primitives
Deliberate problems developing high-performance vision, signal, security, and storage applications.

Rijndael CTR random access


Hi, I am trying to use the IPPS Rijndael capability.

So far everything is ok for encrypting and decrypting complete files.
But now I am trying to partially decrypt a file.
Given a block number I want to be able to start to decrypt the file from there instead of starting from the beginning.

The AES (Rijndael) CTR algorithm support such functionallity according to
In the algorithm, if I set the counter to the block index, and I provide the correct block, it will decrypt properlyfrom that block directly.

But the IPPs does not provide access to the counter.
At least no way I could find.

So am I missing something, or this functionnality was not provided in the IPPs?
I use IPPs5.3 Update 3 build 85.25, [5.3.471.85]

Here is a sample of the code I use to decrypt:

bufferSize 24576 // 24KB
#define aesBlkSize 32 // size of Rijndael-256 algorithm block is equal to 32

int ctxSize;
// and allocate one
IppsRijndael256Spec* pCtx = (IppsRijndael256Spec*)( new Ipp8u [ctxSize] );
// and prepare the context for Rijndael256 usage
ippsRijndael256Init(key, IppsRijndaelKey256, pCtx);
Ipp8u crt[aesBlkSize];
int ctrNumBitSize = 64;
// init the counter
memcpy_s(crt, aesBlkSize, IV, aesBlkSize);
IppStatus status = ippStsNoErr;
len = (unsigned long)fread((char*)inBuffer, 1, bufferSize, fin);
status = ippsRijndael256DecryptCTR(inBuffer, outBuffer, len, pCtx, crt, ctrNumBitSize);

0 Kudos
3 Replies

I found my own answer.
The crt is actually the Nonce+counter
The documentation is not very clear about this.

Anyway, I now modify the crt directly to change the counter value and I can achieve partial decryption.

for (int i = 0; i < sizeof(unsigned); ++i)
crt[aesBlkSize - 2 - i] = ((bufferIndex * 3) >> (8 * i)) & 0xFF;

One thing I do not understand yet is why I have multiply the bufferIndex value by 3.

I have monitored the crt counter value while debugging and for each buffer I decrypt the counter is increased by 3.
As my code above shown I am also increasing by 3, but I would like to understand why.

Another thing, I can not set a counter value higher than 0xFFFFFFFF (4294967295).
If I try 0xFFFFFFFF01 for example, I end up with a counter value of 1 instead of 1099511627521.
I guess my code to convert the int to hex is not the best.
Any idea how to improve it?

0 Kudos

I answered one of my own question.

The increment of 3 is actually actually the number of 8K buffers that fits in a 24K buffersize

For a 64K buffersize you can fit 8,...

0 Kudos

Glad to see you can figure oout how to use IPP functions


0 Kudos