On Wed, Aug 13, 2025 at 12:24 PM Lana Deere <lana.de...@gmail.com> wrote:
> I will look into ChaCha20. Thank-you everyone who offered suggestions. > AES/CTR might also work for you. It looks like Crypto++ uses the entire initial value as both a nonce and a counter [1,2]. Once you set the initial value with a nonce, the library increments the entire 16-byte block. So you basically have a 128-bit counter. [1] <https://github.com/weidai11/cryptopp/blob/master/modes.cpp#L137> [2] <https://github.com/weidai11/cryptopp/blob/master/modes.cpp#L169> Jeff > On Wed, Aug 13, 2025 at 6:46 AM Jeffrey Walton <noloa...@gmail.com> wrote: > >> >> >> On Tue, Aug 12, 2025 at 5:07 PM Lana Deere <lana.de...@gmail.com> wrote: >> >>> On Tuesday, August 12, 2025 at 8:10:03 AM UTC-4 Jeffrey Walton wrote: >>> >>> GCM plaintext maximum length is specified in bits, not bytes. See >>> SP800-39D, Section 5.2.1.1 Input Data, p. 8, < >>> https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf>. >>> That leads to: >>> >>> 2^39 - 256 = 549755813632 >>> 549755813632 / 8 = 68719476704 >>> >>> >>> Is there a standard practice for handling AES encryption of large >>> files? E.g., create a new IV and resume encryption? Use something other >>> than GCM which has a higher limit? >>> >> >> The limit you are encountering in GCM mode is due to an internal 32-bit >> counter. The limit is not directly due to AES. >> >> You could use a block cipher and mode of operation with a 64-bit counter, >> or a stream cipher with a 64-bit counter. Bernstein's original ChaCha20 has >> an internal 64-bit counter. So Bernstein's ChaCha20 paired with Poly1305 >> could be a good replacement for you. See < >> https://www.cryptopp.com/wiki/ChaCha20>. >> >> The IETF's version of ChaCha20 used in TLS regresses to a 32-bit counter, >> so don't use it. >> > -- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to cryptopp-users+unsubscr...@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/cryptopp-users/CAH8yC8mS7jyjEX%3D4iwqtxVbdbZLXHSga9%3D_FLzBZ3q7CqpAo-w%40mail.gmail.com.
