Skip to content

Commit 63a9b32

Browse files
lgutschowlgutschow
committed
docs: add NIST SP 800-38G comment explaining AES-ECB usage in FPE
1 parent b97dd9b commit 63a9b32

2 files changed

Lines changed: 4 additions & 0 deletions

File tree

src/FF1.php

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -72,6 +72,8 @@ private function fromDigits(array $d): string
7272

7373
private function aesEcb(string $block): string
7474
{
75+
// NIST SP 800-38G requires AES-ECB as the PRF for FF1/FF3 Feistel rounds.
76+
// This is single-block encryption used as a building block, not ECB mode applied to user data.
7577
$algo = match (strlen($this->key)) {
7678
16 => 'aes-128-ecb',
7779
24 => 'aes-192-ecb',

src/FF3.php

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -76,6 +76,8 @@ private function fromDigits(array $d): string
7676

7777
private function aesEcb(string $block): string
7878
{
79+
// NIST SP 800-38G requires AES-ECB as the PRF for FF1/FF3 Feistel rounds.
80+
// This is single-block encryption used as a building block, not ECB mode applied to user data.
7981
$algo = match (strlen($this->key)) {
8082
16 => 'aes-128-ecb',
8183
24 => 'aes-192-ecb',

0 commit comments

Comments
 (0)