Safekipedia

Galois/Counter Mode

Adapted from Wikipedia

In cryptography, Galois/Counter Mode (GCM) is a special way to use secret codes, called symmetric-key block ciphers, to keep information safe. GCM is known for being fast and efficient. It works well in both computers and special hardware devices.

GCM does more than just hide information. It also makes sure that the information has not been changed by someone who should not touch it. When someone sends a message using GCM, they create a special check called a tag. The person receiving the message can use this tag to confirm that the message is exactly as it was sent.

GCM works by using a block cipher, often AES-128, in a way that mixes encryption with math checks. These checks use something called the Galois field GF(2^128), which helps create the tag. Because of how it is designed, GCM can use modern computer abilities, like parallel processing, making it faster than older methods such as cipher block chaining. This makes GCM very useful for protecting data in many modern systems.

Basic operation

In normal counter mode, blocks are numbered in order. This number is mixed with a special starting number called an initialization vector (IV). The combined value is then encrypted with a block cipher E, often AES. The result is XORed with the original message, or plaintext, to create the secret code, or ciphertext. This works like a stream cipher, so it's important to use a new IV for every message.

The secret code blocks are used in a math expression called a polynomial. This expression uses special math called finite field arithmetic. The result is locked up again to make an authentication tag. This tag helps make sure the message hasn’t been changed and stays safe. The final message includes the IV, the secret code, and this authentication tag.
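
The tag computation described above, as an added example that is not part of the original article: a pure-Python GHASH over GF(2^128) plus the final tag step, checked against test case 2 of the McGrew-Viega GCM specification. The block cipher outputs E(K, 0^128) and E(K, Y0) are taken from that test vector rather than computed, so no AES code is needed; the function names are this example's own.

```python
import hmac

R = 0xE1 << 120  # reduction constant for x^128 + x^7 + x^2 + x + 1 in GCM's bit order

def gf_mult(x: int, y: int) -> int:
    """Multiply two elements of GF(2^128) using GCM's bit ordering."""
    z, v = 0, x
    for i in range(127, -1, -1):      # GCM treats the leftmost bit as bit 0
        if (y >> i) & 1:
            z ^= v
        v = (v >> 1) ^ R if v & 1 else v >> 1
    return z

def ghash(h: bytes, aad: bytes, ciphertext: bytes) -> bytes:
    """Evaluate the polynomial whose coefficients are the data blocks at the point H."""
    def blocks(data):
        data += b"\x00" * (-len(data) % 16)          # zero-pad to a 16-byte boundary
        return [data[i:i + 16] for i in range(0, len(data), 16)]
    # Final block: bit lengths of the associated data and the ciphertext, 64 bits each.
    lengths = (len(aad) * 8).to_bytes(8, "big") + (len(ciphertext) * 8).to_bytes(8, "big")
    hkey, x = int.from_bytes(h, "big"), 0
    for block in blocks(aad) + blocks(ciphertext) + [lengths]:
        x = gf_mult(x ^ int.from_bytes(block, "big"), hkey)
    return x.to_bytes(16, "big")

def gcm_tag(h, ek_y0, aad, ciphertext):
    """Tag = GHASH output XORed with the encrypted initial counter block E(K, Y0)."""
    return bytes(a ^ b for a, b in zip(ghash(h, aad, ciphertext), ek_y0))

def verify(h, ek_y0, aad, ciphertext, tag):
    """Receiver side: recompute the tag and compare in constant time."""
    return hmac.compare_digest(gcm_tag(h, ek_y0, aad, ciphertext), tag)

# Test case 2 from the McGrew-Viega GCM specification (AES-128, all-zero key and IV).
H = bytes.fromhex("66e94bd4ef8a2c3b884cfa59ca342b2e")       # E(K, 0^128)
EK_Y0 = bytes.fromhex("58e2fccefa7e3061367f1d57a4e7455a")   # E(K, IV || 0^31 || 1)
C = bytes.fromhex("0388dace60b6a392f328c2b971b2fe78")       # one ciphertext block
T = bytes.fromhex("ab6e47d42cec13bdf53a67b21257bddf")       # expected 128-bit tag

if __name__ == "__main__":
    print("tag matches spec:", gcm_tag(H, EK_Y0, b"", C) == T)
    tampered = bytes([C[0] ^ 0x01]) + C[1:]                 # flip one ciphertext bit
    print("tampered accepted:", verify(H, EK_Y0, b"", tampered, T))
```

Production code should call a vetted AES-GCM implementation; this version is bit-by-bit and not constant-time in the field multiplication.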

Mathematical basis

GCM mixes two methods to keep information safe. It uses a special kind of math called Galois field multiplication. This math works faster on computers than other types. This helps send information safely and check that it hasn’t been changed.

GCM was created by John Viega and David A. McGrew. In November 2007, it became an official standard recommended by NIST.

Use

GCM mode is used in many important security systems. It helps protect data in Ethernet networks through IEEE 802.1AE. It is also used in Wi-Fi security with WPA3-Enterprise and in high-speed wireless connections like IEEE 802.11ad (also called WiGig). GCM helps keep data safe in storage systems such as IEEE P1619.1 and in protocols like IPsec, SSH, and TLS for safe internet communication. It is part of security suites such as NSA Suite B Cryptography and the Commercial National Security Algorithm (CNSA) suite. You can also find it in popular VPN services such as SoftEther VPN and OpenVPN.

Performance

GCM uses special computer operations to encrypt and check data quickly. Some computers have built-in instructions that make these operations faster. For example, Intel processors can handle these tasks efficiently and at high speeds.

Researchers have tested GCM on different computers and found ways to make it run faster by using the computer's ability to do many tasks at once. This helps when encrypting and checking data together. However, some smaller devices might not work as well with GCM because they are designed differently.

Patents

The authors say that GCM is free for anyone to use. No special permission or patents restrict it.

Security

GCM is designed to keep information safe when used properly. It works best with a special number called an initialization vector. This number should be different every time you use the same key. There is a limit to how much data GCM can handle with one key.

The security of GCM depends on a number called the authentication tag. It is best to use longer tags to keep the system secure. The length of the tag can be changed, but short tags need careful planning to avoid issues.

This article is a child-friendly adaptation of the Wikipedia article on Galois/Counter Mode, available under CC BY-SA 4.0.