Developer Reference

Contents

AES-CCM Functions

This section describes functions for authenticated encryption/decryption using the Counter with Cipher Block Chaining-Message Authentication Code (CCM) mode [NIST SP 800-38C] of the AES (Rijndael128) block cipher.
The AES-CCM functions enable authenticated encryption/decryption of several messages using one key that the
AES_CCMInit
function sets. Processing of each new message starts with a call to the
AES_CCMStart
function. The application code for conducting a typical AES-CCM authenticated encryption should follow the sequence of operations as outlined below:
  1. Get the size required to configure the context
    IppsAES_CCMState
    by calling the function
    AES_CCMGetSize
    .
  2. Call the system memory-allocation service function to allocate a buffer whose size is not less than the function
    AES_CCMGetSize
    specifies.
  3. Initialize the context
    IppsAES_CCMState
    *pCtx
    by calling the function
    AES_CCMInit
    with the allocated buffer and respective AES key.
  4. Optionally call
    AES_CCMMessageLen
    and/or
    AES_CCMTagLen
    to set up message and tag parameters.
  5. Call
    AES_CCMStart
    to start authenticated encryption of the first/next message.
  6. Keep calling
    AES_CCMEncrypt
    until the entire message is processed.
  7. Request the authentication tag by calling
    AES_CCMGetTag
    .
  8. Proceed to the next message, if any, that is, go to step 5.
  9. Clean up secret data stored in the context.
  10. Call the system memory free service function to release the buffer allocated for the context
    IppsAES_CCMState
    , if needed.

Product and Performance Information

1

Performance varies by use, configuration and other factors. Learn more at www.Intel.com/PerformanceIndex.