AES-CTR

E42568

AES-CTR is a widely used symmetric-key encryption mode that turns the AES block cipher into a fast, parallelizable stream cipher by encrypting successive counter values and XORing them with the plaintext.

All labels observed (3)

Label Occurrences
AES-CM 1
AES-CTR canonical 1
Advanced Encryption Standard Counter Mode 1

How this entity was disambiguated

Statements (51)

Predicate Object
instanceOf block cipher mode of operation
stream cipher mode
symmetric-key encryption mode
advantage high performance in software
no padding required
simple implementation
basedOnPrimitive block cipher
blockSize 128 bits
ciphertextExpansion none
classification stream-cipher-like mode
decryptionProcess encrypts same counter values with AES and XORs with ciphertext
disadvantage catastrophic failure on nonce reuse
no built-in authentication
encryptionProcess encrypts successive counter values with AES and XORs with plaintext
encryptionType symmetric-key
errorPropagation limited to corrupted blocks
firstStandardizedYear 2001
fullName AES-CTR self-linksurface differs
surface form: Advanced Encryption Standard Counter Mode
introducedBy National Institute of Standards and Technology
surface form: NIST
isDeterministicWithFixedNonceAndKey true
isParallelizable true
isRandomAccess true
isSelfSynchronizing false
IVLength variable
IVType nonce
IVUniquenessRequired true
keySizesSupported 128 bits
192 bits
256 bits
operationMode counter mode
providesConfidentiality true
providesIntegrity false
relatedMode AES-CCM
AES-GCM
requiresIV true
requiresMACForIntegrity true
securityDependsOn AES security
nonce uniqueness
standardizedIn NIST SP 800-38A
supportsParallelDecryption true
supportsParallelEncryption true
supportsPrecomputation true
useCase disk encryption (with tweaks)
high-throughput encryption
network protocols
parallel hardware implementations
usedIn IPsec
surface form: IPsec (in some profiles)

SSH (in some cipher suites)
TLS (in some cipher suites)
usesCipher Advanced Encryption Standard
surface form: AES
vulnerableIfNonceReused true

How these facts were elicited

Referenced by (3)

Full triples — surface form annotated when it differs from this entity's canonical label.

ChaCha20 comparedWith AES-CTR
SRTP for secure media transport typicalCipherMode AES-CTR
subject surface form: Secure Real-time Transport Protocol
this entity surface form: AES-CM
AES-CTR fullName AES-CTR self-linksurface differs
this entity surface form: Advanced Encryption Standard Counter Mode