Re: [Cfrg] RGLC on draft-irtf-cfrg-chacha20-poly1305-01.txt

Manuel Pégourié-Gonnard <mpg@elzevir.fr> Tue, 07 October 2014 14:02 UTC

Return-Path: <mpg@elzevir.fr>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 728D91ACD96 for <cfrg@ietfa.amsl.com>; Tue, 7 Oct 2014 07:02:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.036
X-Spam-Level:
X-Spam-Status: No, score=-2.036 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HELO_EQ_FR=0.35, MIME_8BIT_HEADER=0.3, RP_MATCHES_RCVD=-0.786] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LA4j_HbttV_f for <cfrg@ietfa.amsl.com>; Tue, 7 Oct 2014 07:02:55 -0700 (PDT)
Received: from mordell.elzevir.fr (mordell.elzevir.fr [92.243.3.74]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6BA331ACDA1 for <cfrg@irtf.org>; Tue, 7 Oct 2014 07:02:55 -0700 (PDT)
Received: from thue.elzevir.fr (thue.elzevir.fr [88.165.216.11]) by mordell.elzevir.fr (Postfix) with ESMTPS id 56303160D1; Tue, 7 Oct 2014 16:02:53 +0200 (CEST)
Received: from [192.168.0.124] (unknown [192.168.0.254]) by thue.elzevir.fr (Postfix) with ESMTPSA id 9ED2A290A4; Tue, 7 Oct 2014 16:02:52 +0200 (CEST)
Message-ID: <5433F28C.9060501@elzevir.fr>
Date: Tue, 07 Oct 2014 16:02:52 +0200
From: =?windows-1252?Q?Manuel_P=E9gouri=E9-Gonnard?= <mpg@elzevir.fr>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.1.2
MIME-Version: 1.0
To: James Cloos <cloos@jhcloos.com>, Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>
References: <542D48CD.9060404@isode.com> <m3k34clwkt.fsf@carbon.jhcloos.org> <CAJU7za+itdW8Orc5PiFvBq3k2fziewu=QpZL7aag69fZn5L_Xg@mail.gmail.com> <m37g0ckodk.fsf@carbon.jhcloos.org>
In-Reply-To: <m37g0ckodk.fsf@carbon.jhcloos.org>
OpenPGP: id=98EED379; url=https://elzevir.fr/gpg/mpg.asc
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Archived-At: http://mailarchive.ietf.org/arch/msg/cfrg/CWY8FZIibAMfAOOgh7rPTZFcROE
Cc: "cfrg@irtf.org" <cfrg@irtf.org>
Subject: Re: [Cfrg] RGLC on draft-irtf-cfrg-chacha20-poly1305-01.txt
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Oct 2014 14:02:57 -0000

On 07/10/2014 15:20, James Cloos wrote:
>>>>>> "NM" == Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com> writes:
> 
> NM> Would you really want to use an AEAD cipher for backup encryption in a
> NM> single pass? I mean a single bit corruption in 128 Gigs and you lost
> NM> everything as authentication would fail.
> 
> One should only loose the block which failed auth.
> 
> Ie, each block should be treated separately.
> 
I'm sorry if I'm missing something painfully obvious, but if each block is
treated separately, then why do you need a counter larger than 32 bits?

Manuel.