AES-192-OCB ENCRYPTION TOOL
Other Crypto Algorithms
AES-128-CBC AES-128-CBC-CTS AES-128-CBC-HMAC-SHA1 AES-128-CBC-HMAC-SHA256 AES-128-CCM AES-128-CFB AES-128-CFB1 AES-128-CFB8 AES-128-CTR AES-128-ECB AES-128-GCM AES-128-GCM-SIV AES-128-OCB AES-128-OFB AES-128-SIV AES-128-WRAP AES-128-WRAP-INV AES-128-WRAP-PAD AES-128-WRAP-PAD-INV AES-128-XTS AES-192-CBC AES-192-CBC-CTS AES-192-CCM AES-192-CFB AES-192-CFB1 AES-192-CFB8 AES-192-CTR AES-192-ECB AES-192-GCM AES-192-GCM-SIV AES-192-OCB AES-192-OFB AES-192-SIV AES-192-WRAP AES-192-WRAP-INV AES-192-WRAP-PAD AES-192-WRAP-PAD-INV AES-256-CBC AES-256-CBC-CTS AES-256-CBC-HMAC-SHA1 AES-256-CBC-HMAC-SHA256 AES-256-CCM AES-256-CFB AES-256-CFB1 AES-256-CFB8 AES-256-CTR AES-256-ECB AES-256-GCM AES-256-GCM-SIV AES-256-OCB AES-256-OFB AES-256-SIV AES-256-WRAP AES-256-WRAP-INV AES-256-WRAP-PAD AES-256-WRAP-PAD-INV AES-256-XTS ARIA-128-CBC ARIA-128-CCM ARIA-128-CFB ARIA-128-CFB1 ARIA-128-CFB8 ARIA-128-CTR ARIA-128-ECB ARIA-128-GCM ARIA-128-OFB ARIA-192-CBC ARIA-192-CCM ARIA-192-CFB ARIA-192-CFB1 ARIA-192-CFB8 ARIA-192-CTR ARIA-192-ECB ARIA-192-GCM ARIA-192-OFB ARIA-256-CBC ARIA-256-CCM ARIA-256-CFB ARIA-256-CFB1 ARIA-256-CFB8 ARIA-256-CTR ARIA-256-ECB ARIA-256-GCM ARIA-256-OFB CAMELLIA-128-CBC CAMELLIA-128-CBC-CTS CAMELLIA-128-CFB CAMELLIA-128-CFB1 CAMELLIA-128-CFB8 CAMELLIA-128-CTR CAMELLIA-128-ECB CAMELLIA-128-OFB CAMELLIA-192-CBC CAMELLIA-192-CBC-CTS CAMELLIA-192-CFB CAMELLIA-192-CFB1 CAMELLIA-192-CFB8 CAMELLIA-192-CTR CAMELLIA-192-ECB CAMELLIA-192-OFB CAMELLIA-256-CBC CAMELLIA-256-CBC-CTS CAMELLIA-256-CFB CAMELLIA-256-CFB1 CAMELLIA-256-CFB8 CAMELLIA-256-CTR CAMELLIA-256-ECB CAMELLIA-256-OFB CHACHA20 CHACHA20-POLY1305 DES-EDE-CBC DES-EDE-CFB DES-EDE-ECB DES-EDE-OFB DES-EDE3-CBC DES-EDE3-CFB DES-EDE3-CFB1 DES-EDE3-CFB8 DES-EDE3-ECB DES-EDE3-OFB DES3-WRAPThe AES-192-OCB algorithm is a symmetric key encryption technique combining the Advanced Encryption Standard (AES) block cipher with the Offset Codebook (OCB) mode of operation. AES-192 utilizes a 192-bit key length and operates on fixed-size 128-bit blocks, providing a balance between performance and security. The algorithm ensures confidentiality and integrity of data simultaneously by integrating encryption and authentication into a single pass.
Key Expansion
The AES-192 key schedule derives a series of round keys from the initial 192-bit secret key. The process involves iterative application of substitution, permutation, and mixing operations to generate 13 round keys required for encryption and decryption. Each round key is used in a corresponding encryption round to transform plaintext into ciphertext.
OCB Mode of Operation
The OCB mode operates by computing a sequence of offsets for each plaintext block. These offsets are generated using a combination of the nonce, block index, and a dedicated L value derived from the AES key. Each plaintext block is XORed with its offset, then encrypted with AES-192, and finally XORed again with the same offset to produce the ciphertext block. This mechanism ensures that identical plaintext blocks result in different ciphertext blocks when different nonces are used.
Authentication Tag
Alongside encryption, OCB mode calculates a message authentication code (MAC) by combining all plaintext blocks with their respective offsets and encrypting the result with AES-192. The resulting tag is appended to the ciphertext, providing integrity verification. Any modification in the ciphertext or nonce will result in authentication failure during decryption.
Encryption Process
The encryption procedure starts with nonce generation, followed by offset computation for each block. Each plaintext block is XORed with its offset, processed through AES-192, and XORed with the same offset to produce ciphertext. After all blocks are processed, the final authentication tag is computed and appended. The algorithm allows parallel processing of blocks, improving performance without compromising security.
Decryption Process
Decryption in AES-192-OCB reverses the encryption steps. Each ciphertext block is XORed with the corresponding offset, decrypted using AES-192, and XORed again with the offset to recover the original plaintext. The authentication tag is verified by recomputing the tag from decrypted blocks and comparing it with the transmitted tag. Any mismatch indicates tampering or data corruption.
Security Considerations
AES-192-OCB provides strong resistance against known cryptographic attacks. The 192-bit key length offers high brute-force attack resistance, while OCB ensures message integrity and protection against replay attacks. Proper nonce management is essential, as reusing nonces with the same key can compromise both confidentiality and authentication. The combined encryption and authentication in a single pass reduces computational overhead compared to separate encryption and MAC schemes.