File talk:XEX mode encryption.svg
This diagram does not correctly depict XEX as designed by Rogaway:
- XEX uses a single block cipher key, not two. This was an explicit design feature, and the original security analysis even relied on it. The "Key₁" and "Key₂" in the diagram should simply be "Key".
- XEX requires that the tweak ( in the description) be non-zero, which means there should be a multiplication by immediately after the block cipher encryption in the topleft of the diagram. This is essential (and sufficient) for security when using a single block cipher key.
So, something like this:
Sector number
|
v
+-----+
Key-->| Enc | α α α α
+-----+ | | | |
| v v v v
`------>(X)--+------------>(X)--+------------>(X)--+------------>(X)----···
| | |
| Plaintext | Plaintext | Plaintext
| | | | | |
| v | v | v
+--------->(+) +--------->(+) +--------->(+)
| | | | | |
| v | v | v
| +-----+ | +-----+ | +-----+
| Key-->| Enc | | Key-->| Enc | | Key-->| Enc |
| +-----+ | +-----+ | +-----+
| | | | | |
| v | v | v
`--------->(+) `--------->(+) `--------->(+)
| | |
v v v
Ciphertext Ciphertext Ciphertext
