Short AES GCM Tags?

Mike Duigou openjdk at
Thu Apr 13 20:58:08 UTC 2017

I've discovered that the Java 8 JSSE doesn't allow 64 or 32 bit tags to 
be used with AES GCM. (Enforced in CipherCore) I had hoped to use short 
tags per the guidance of NIST Special Publication 800-38D Appendix C. 
The Javadoc for GCMParameterSpec mentions 32 and 64 bit tags but I can't 
find an explanation of why small tags are not supported by Java 8 JSSE.

Is there a reason that the short tags aren't offered?



More information about the security-dev mailing list