AES-CTR Overview Works like a stream cipher, e.g. RC4 XOR keystream with plain text: CT[i] := PT[i] ? AES(CTR(i)) Increment Counter Counter encrypted to generate keystream Counter MUST never be re-used (with same key) No harm if Counter is public But MUST be initially unpredictable |