I am new to python and pycrypto. I am trying to implement AES-CTR. To check my program for correct ciphering I tried to use test sequences from NIST SP 800-38A standard (section F.5). But I do not get correct result. What am I doing wrong?
from Crypto.Cipher import AES
from Crypto.Utils import Counter
CTRkey="2b7e151628aed2a6abf7158809cf4f3c"
ctr=Counter.new(128, initial_value=int("f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",16))
cipherCTR=AES.new(CTRkey, AES.MODE_CTR, counter=ctr)
print(cipherCTR.encrypt("f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff".decode("hex")).encode("hex"))
Result:
0008007df81ad564b9aadd6b883fef16
But the expected result (ciphertext) is:
874d6191b620e3261bef6864990db6ce
In the NIST SP 800-38A standard (section F.5.1), the input to the CTR-AES128 encryption operation is called plaintext not input block.
If you use the plaintext (6bc1bee22e409f96e93d7e117393172a) you get the correct result, the ciphertext 874d6191b620e3261bef6864990db6ce.