Re: [openpgp] AEAD encrypted data packet with EAX

"brian m. carlson" <sandals@crustytoothpaste.net> Mon, 03 July 2017 16:01 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/KcxGURvliH8AX64K1tFAoxycFV8>

On Sun, May 21, 2017 at 11:43:02PM +0000, brian m. carlson wrote:
> I have a proposed pull request for a streaming AEAD encrypted data
> packet using EAX mode[0].  I will send a patch shortly.
> 
> EAX is a block cipher mode combining CTR mode and OMAC.  It is similar
> to CCM and is considered secure.  It can be easily implemented securely
> in a variety of languages using the CBC and CTR modes available in most
> cryptographic libraries.
> 
> The packet allows for fixed-sized chunks from 64 bytes to 65536 bytes
> (or larger) in size and also permits streaming.  It contains truncation
> detection at the cost of 16 bytes of buffering.
> 
> I retained the AEAD algorithm octet so as not to need to overload one
> octet with cipher type and AEAD algorithm.  This allows us to use
> something like Poly1305 with both AES and ChaCha20 in the future.
> 
> I welcome feedback on this proposal.  If it's determined to be viable,
> I'd also like to see adjustments to the SKESK and Secret Key packets to
> add AEAD support.

Were there opinions on this proposal?  Do people like it, dislike it,
not care, etc?  I'm happy to try to revise or let the editors do that,
but it would be useful to get some feedback on it at all, even if it's
that people hate it and want something else.
-- 
brian m. carlson / brian with sandals: Houston, Texas, US
https://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: https://keybase.io/bk2204
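
The composition described in the quoted proposal (EAX as CTR mode plus OMAC, built from a library's stock CBC and CTR modes), as an added example that is not part of the original message or of the proposed patch. It assumes AES with a full 16-byte tag and the Python `cryptography` package, covers only the EAX mode itself and not the proposed packet's chunking, and all function names are illustrative.

```python
# Added illustration; function names are hypothetical, not from the proposal.
import hmac
from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes

BLOCK = 16  # AES block size in bytes

def _cbc_last_block(key, data):
    """CBC-encrypt block-aligned data under a zero IV; return the last block."""
    enc = Cipher(algorithms.AES(key), modes.CBC(bytes(BLOCK))).encryptor()
    return (enc.update(data) + enc.finalize())[-BLOCK:]

def _ctr(key, counter_block, data):
    enc = Cipher(algorithms.AES(key), modes.CTR(counter_block)).encryptor()
    return enc.update(data) + enc.finalize()

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def _dbl(block):
    """Multiply by x in GF(2^128): the OMAC subkey derivation step."""
    n = int.from_bytes(block, "big") << 1
    if n >> 128:
        n = (n & ((1 << 128) - 1)) ^ 0x87
    return n.to_bytes(BLOCK, "big")

def omac(key, tweak, data):
    """OMAC^tweak(data): CBC-MAC of [tweak]_128 || data, final block masked."""
    msg = tweak.to_bytes(BLOCK, "big") + data
    k1 = _dbl(_cbc_last_block(key, bytes(BLOCK)))  # K1 = 2 * E_K(0)
    rem = len(msg) % BLOCK
    if rem == 0:   # complete final block: mask with K1
        head, last, mask = msg[:-BLOCK], msg[-BLOCK:], k1
    else:          # short final block: pad with 10* and mask with K2 = 2 * K1
        pad = b"\x80" + bytes(BLOCK - rem - 1)
        head, last, mask = msg[:-rem], msg[-rem:] + pad, _dbl(k1)
    return _cbc_last_block(key, head + _xor(last, mask))

def eax_encrypt(key, nonce, header, plaintext):
    n = omac(key, 0, nonce)  # N' is both a tag input and the CTR start block
    ct = _ctr(key, n, plaintext)
    return ct + _xor(_xor(n, omac(key, 1, header)), omac(key, 2, ct))

def eax_decrypt(key, nonce, header, sealed):
    ct, tag = sealed[:-BLOCK], sealed[-BLOCK:]
    n = omac(key, 0, nonce)
    expect = _xor(_xor(n, omac(key, 1, header)), omac(key, 2, ct))
    if len(tag) != BLOCK or not hmac.compare_digest(tag, expect):
        raise ValueError("EAX tag mismatch")
    return _ctr(key, n, ct)  # release plaintext only after the tag verifies
```

As with any CTR-based mode, a nonce must never be reused under the same key.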