IEEE Std 1619.1:2018 pdf download.IEEE Standard for Authenticated Encryption with Length Expansion for Storage Devices.
This standard specifies requirements for cryptographic units that provide encryption and authentication for data contained within storage media. Full interchange requires additional format specifications (such as compression algorithms and physical data format) that are beyond the scope of this standard.
1.2 Purpose
This standard is suitable for encryption of data stored on tape because tape easily accommodates length- expanding ciphertext. In addition, this standard applies to other storage devices if these support storing extra metadata with each encrypted record. The algorithms of this standard are designed to help ensure the confidentiality and integrity of stored data within systems requiring a high level of assurance.
1.3 Description of clauses and annexes
— Clause 1 provides an overview of this standard, including scope and purpose.
— Clause 2 lists the normative references that are essential for implementing this standard.
— Clause 3 gives definitions, acronyms, and abbreviations used in this standard.
— Clause 4 provides a description of the components that play roles in this standard.
— Clause 5 describes the cryptographic modes used by the cryptographic unit.
— Clause 6 describes cryptographic key management and initialization vector requirements.
— Annex A(informative) lists bibliographic references that are useful when implementing this standard.
— Annex B (informative) discusses several security issues that an implementer and user should understand.
— Annex C (informative) provides a summary of documentation requirements.
— Annex D (informative) provides several test vectors useful in verifying a cryptographic unit.
2. Normative references
The following referenced documents are indispensable for the application of this document (i.e., they must be understood and used, so each referenced document is cited in text and its relationship to this document is explained). For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments or corrigenda) applies.
IEEE Std 161 9it, IEEE Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices.12 McGrew, D., and J. Viega, The Galois/Counter Mode of Operation (GCM), May 31, 2005.
NIST FIPS 180-2, Federal Information Processing Standard (FIPS) 180-2 (August 1, 2002), Announcing the Secure Hash Standard (SHS).4
NIST FIPS 197, Federal Information Processing Standard (FIPS) 197 (November 26, 2001), Announcing the Advanced Encryption Standard (AES).
NIST FIPS 198, Federal Information Processing Standard (FIPS) 198 (March 2002 updated April 8, 2002), The Keyed-Hash MessageAuthentication Code (HMAC).
NIST Special Publication 800-38A (NIST SP 800-38A), Recommendation for Block Cipher Modes of Operation: Methods and Techniques.
NIST Special Publication 800-38C (NIST SP 800-38C), Recommendation for Block Cipher Modes of Operation: The CCM Mode forAuthentication and Confidentiality.
3. Definitions, acronyms, abbreviations, etc.
3.1 Definitions
For the purposes of this document, the following terms and definitions apply. The IEEE Standards Dictionary Online should be consulted for terms not defined in this clause.IEEE Std 1619.1 pdf download.