Hi, The attached files provide some preliminary support for the CTR, CMAC and SIV modes of operation on the crypto-api for both strict and lazy bytestrings. My main worries here are that the implementations may be vulnerable to timing attacks, and that the code in CPolys may be subject to copyright restrictions since it may be a derivative work from "Table of Low-Weight Binary Irreducible Polynomials" by Gadiel Seroussi (since all I did was apply transformations to the original PDF to get the data). As a side note, if I have time I'll improve the dbl and shift operations so they can work directly over the bytestrings which may be faster than converting and back. I'll also try both parallelizing the implementation of the counter mode and make it work with transformations other than adding one.