-TAG || ENCRYPTED || NONCE --> PACKET
- ^ ^ ^
- | | |
- | | +-------------+
- | | |
- | +-------------+ |
- | | |
- +--< AUTH(AUTH_KEY, ENCRYPTED || NONCE)
- ^ ^
- | |
-+------------------------+ |
-| |
-| +---------------+
-| |
-+--< ENCRYPT(KEY, NONCE, PAYLOAD)
- ^ ^
- | |
- | +--< DATA || PAD [|| ZEROS]
- |
- +--< PRP(PRP_KEY, SERIAL)
+ NONCE = 64bit(ZEROS) || 64bit(MAC(MAC_KEY, SERIAL))
+ PAYLOAD = DATA || PAD [|| ZEROS]
+CIPHERTEXT = ENCRYPT(KEY, NONCE, PAYLOAD)
+ TAG = AUTH(AUTH_KEY, CIPHERTEXT || NONCE)
+ MESSAGE = TAG || CIPHERTEXT || NONCE