In August 2021, NIST's Crypto Publication Review
Board announced the review of NIST Special Publication (SP) 800-38E, Recommendation
for Block Cipher Modes of Operation: the XTS-AES Mode for Confidentiality on
Storage Devices. In response, NIST received public comments.
NIST proposes to update SP 800-38E to
address the editorial suggestions in the public comments. In particular, the
updated publication will mention the security vulnerability that results when
the two AES (sub)keys are improperly generated to be identical, as discussed in
Annex C.I of Implementation
Guidance for FIPS 140-3 and the Cryptographic Module Validation Program.
The updated SP 800-38E would be published without a period of
Submit your comments on
this decision proposal by March 10, 2023. See the
which includes NIST’s rationale for this proposal and instructions for