An implementation of
David McGrew Integer Counter Mode (ICM) as an
IMode
.
ICM is a way to define a pseudorandom keystream generator using a block
cipher. The keystream can be used for additive encryption, key derivation,
or any other application requiring pseudorandom data. In the case of this
class, it is used as additive encryption, XOR-ing the keystream with the
input text --for both encryption and decryption.
In ICM, the keystream is logically broken into segments. Each segment is
identified with a segment index, and the segments have equal lengths. This
segmentation makes ICM especially appropriate for securing packet-based
protocols. ICM also allows a variety of configurations based, among other
things, on two parameters: the
block index length and the
segment index length. A constraint on those two values exists: The sum
of
segment index length and
block index length must not
half the
block size of the underlying cipher. This requirement protects
the ICM keystream generator from potentially failing to be pseudorandom.
For simplicity, this implementation, fixes these two values to the
following:
- block index length: is half the underlying cipher block size, and
- segment index length: is zero.
For a 128-bit block cipher, the above values imply a maximum keystream
length of 295,147,905,179,352,825,856 octets, since in ICM, each segment must
not exceed the value
(256 ^ block index length) * block length
octets.
Finally, for this implementation of the ICM, the IV placeholder will be
used to pass the value of the
Offset in the keystream segment.
References:
-
Integer Counter Mode, David A. McGrew.