I will look into ChaCha20. Thank-you everyone who offered suggestions. .. Lana ([email protected])
On Wed, Aug 13, 2025 at 6:46 AM Jeffrey Walton <[email protected]> wrote: > > > On Tue, Aug 12, 2025 at 5:07 PM Lana Deere <[email protected]> wrote: > >> On Tuesday, August 12, 2025 at 8:10:03 AM UTC-4 Jeffrey Walton wrote: >> >> GCM plaintext maximum length is specified in bits, not bytes. See >> SP800-39D, Section 5.2.1.1 Input Data, p. 8, < >> https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf>. >> That leads to: >> >> 2^39 - 256 = 549755813632 >> 549755813632 / 8 = 68719476704 >> >> >> Is there a standard practice for handling AES encryption of large files? >> E.g., create a new IV and resume encryption? Use something other than GCM >> which has a higher limit? >> > > The limit you are encountering in GCM mode is due to an internal 32-bit > counter. The limit is not directly due to AES. > > You could use a block cipher and mode of operation with a 64-bit counter, > or a stream cipher with a 64-bit counter. Bernstein's original ChaCha20 has > an internal 64-bit counter. So Bernstein's ChaCha20 paired with Poly1305 > could be a good replacement for you. See < > https://www.cryptopp.com/wiki/ChaCha20>. > > The IETF's version of ChaCha20 used in TLS regresses to a 32-bit counter, > so don't use it. > > Jeff > > -- > You received this message because you are subscribed to the Google Groups > "Crypto++ Users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To view this discussion visit > https://groups.google.com/d/msgid/cryptopp-users/CAH8yC8%3DaTnOxAvMWbOOFto2RnUtqPecxTW_k-%3DmBNaXLt8Mq1A%40mail.gmail.com > <https://groups.google.com/d/msgid/cryptopp-users/CAH8yC8%3DaTnOxAvMWbOOFto2RnUtqPecxTW_k-%3DmBNaXLt8Mq1A%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion visit https://groups.google.com/d/msgid/cryptopp-users/CA%2B4x%3Db-yK5yP9dyZHzL7pHQ_xi-Dv4--QnXGiT78Q4fWBuL5ig%40mail.gmail.com.
