Third IEEE International Security in Storage Workshop (SISW'05)
Efficient Authentication of Large, Dynamic Data Sets Using Galois/Counter Mode (GCM)
San Francisco, California
December 13-December 13
ISBN: 0-7695-2537-7
The Galois/Counter Mode (GCM) of operation can be used as an incremental Message Authentication Code (MAC); in this respect, it is unique among the crypto algorithms used in practice. We show that it has this property, and show how to efficiently recompute a MAC after small changes within a message, after the appending or prepending of data to a message, or the truncation of data from the start or end of a message. Incremental MACs have great utility for protecting data at rest. In particular, they can be used to protect a large, dynamic data set using only a small, constant amount of memory.