Re: [openpgp] [Cfrg] streamable AEAD construct for stored data?

Adam Langley <agl@imperialviolet.org> Fri, 30 October 2015 21:28 UTC

Return-Path: <alangley@gmail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 901501B3C0F for <openpgp@ietfa.amsl.com>; Fri, 30 Oct 2015 14:28:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.278
X-Spam-Level:
X-Spam-Status: No, score=-1.278 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FM_FORGED_GMAIL=0.622, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RllALZFXOob7 for <openpgp@ietfa.amsl.com>; Fri, 30 Oct 2015 14:28:11 -0700 (PDT)
Received: from mail-qg0-x234.google.com (mail-qg0-x234.google.com [IPv6:2607:f8b0:400d:c04::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4C0CA1B3C11 for <openpgp@ietf.org>; Fri, 30 Oct 2015 14:28:11 -0700 (PDT)
Received: by qgbb65 with SMTP id b65so72351339qgb.2 for <openpgp@ietf.org>; Fri, 30 Oct 2015 14:28:10 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc:content-type; bh=ps+fl4S1jeembv2aEmBSPyrIZopmr8DRsssThVkO8hY=; b=mbuTEe4oFOZ4mvRqbUnraXFYDKOnoO7O43jMGzCU2sdKtr3oAI3tT6QS7UmGJWf1iR 3DVZVfUaIfb5xxTvbVPqQWPTteNjAY1Tf5OGK0DofGT/mrGUIgOVS1/aEotWnTzqAGGm tHrZ9IGIGHnrG5LC+iDsqLOSqYavhurmJ74qgDXEO3dBsGaw5lItOKbIHNnHV+Gq9ZOW Ks/tWgRVW26KxGoecOYWIL6IuZwBk+kVL5RTxF/LiuZtWNrCW9CDx196E1uSseyF0Gyt peL+ZrssUYNWGQOavyX914EjnLyHGUl+vVTmZu4L10gdQehuH+r5n/lUpMGYH9cvD0T4 eUKg==
MIME-Version: 1.0
X-Received: by 10.141.28.76 with SMTP id f73mr13816200qhe.17.1446240490517; Fri, 30 Oct 2015 14:28:10 -0700 (PDT)
Sender: alangley@gmail.com
Received: by 10.140.81.241 with HTTP; Fri, 30 Oct 2015 14:28:10 -0700 (PDT)
In-Reply-To: <CALCETrULywQ-14gjnEgcbtO3zJoK5PhbiE953eZXO+r108eFHg@mail.gmail.com>
References: <87twp91d8r.fsf@alice.fifthhorseman.net> <20151030183223.35630603F0@jupiter.mumble.net> <CALCETrULywQ-14gjnEgcbtO3zJoK5PhbiE953eZXO+r108eFHg@mail.gmail.com>
Date: Fri, 30 Oct 2015 14:28:10 -0700
X-Google-Sender-Auth: G6DSooAVMdMUW3awnx9XhGJ5Ntk
Message-ID: <CAMfhd9XE_v5ngzfq0g9dGdjKRp82-GxZwMNLoCYeUr6ZcvOjJw@mail.gmail.com>
From: Adam Langley <agl@imperialviolet.org>
To: Andy Lutomirski <luto@amacapital.net>
Content-Type: text/plain; charset=UTF-8
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/L_DMgTtz7YVqEka4I7i6p164xKM>
X-Mailman-Approved-At: Sun, 01 Nov 2015 07:51:58 -0800
Cc: openpgp@ietf.org, "cfrg@irtf.org" <cfrg@irtf.org>, Taylor R Campbell <campbell+cfrg@mumble.net>
Subject: Re: [openpgp] [Cfrg] streamable AEAD construct for stored data?
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Oct 2015 21:28:12 -0000

On Fri, Oct 30, 2015 at 11:47 AM, Andy Lutomirski <luto@amacapital.net>; wrote:
> As far as I know, everyone thinks they know how to do a Merkle tree
> for things like this, but there doesn't seem to be a credible
> standard, and there are at least two modern examples of doing it
> wrong: Amazon's Glacier hash and (unless it changed) Bittorrent's new
> Merkle tree.

Do you have references for either of these two issues? I wasn't aware of them.


Cheers

AGL

-- 
Adam Langley agl@imperialviolet.org https://www.imperialviolet.org