Re: [openpgp] [Cfrg] streamable AEAD construct for stored data?
Nils Durner <ndurner@googlemail.com> Wed, 10 February 2016 21:53 UTC
Return-Path: <ndurner@googlemail.com>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 9BA691B305D for <openpgp@ietfa.amsl.com>; Wed, 10 Feb 2016 13:53:05 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3w0Y8F06iUFV for <openpgp@ietfa.amsl.com>; Wed, 10 Feb 2016 13:53:04 -0800 (PST)
Received: from mail-wm0-x22e.google.com (mail-wm0-x22e.google.com [IPv6:2a00:1450:400c:c09::22e]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F04AC1B29F9 for <openpgp@ietf.org>; Wed, 10 Feb 2016 13:53:03 -0800 (PST)
Received: by mail-wm0-x22e.google.com with SMTP id g62so45442917wme.0 for <openpgp@ietf.org>; Wed, 10 Feb 2016 13:53:03 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20120113; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-type:content-transfer-encoding; bh=6KE7APqyRwbxjLpVOmaS/qY/iy/ntWOnGMxBQprddhw=; b=bCT3csvQBAhQzbJZQE6i6xOh7lOJrjih3+xGe6DdHnvd6LQlW43TeqTxMGhh2QvdWz DlH9VrC/oFr8Hq5Rc5fzuKXQsnqUbCsdkzoSrz6EppHstaW7476MgL3c638UWrlh7UoP Ea6arBJIug1sZZPruacTNgNycskNmU2g9QYSYAkK1k623k9J6yePAWS0Ypmvf0Qu1G/1 QwIH6o0NZrewvB+FPRgNei9w+VftRT5FHrh0pXiMN9qFTDDmmYX5AlqHFnwnN5PrSeo5 1iyM8jcIprR1YEQWc4I2YbcgspRR8/rokVuMpMtYEyeingB8UYq663oTIPIq7BF9L/6W YFyQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-type :content-transfer-encoding; bh=6KE7APqyRwbxjLpVOmaS/qY/iy/ntWOnGMxBQprddhw=; b=PRHHGimQOYkD/SPC/j7AO9G3Mbyr9/TPwoL/y4kXfyEtS3m5B97KeANBnXBUdRwpif TJLLvxg/TA9P+P2bdqJjlC2TGZtWv8JjZhXns3ieZjjhJ/fl579l6Eg5goj6ivdp4IKx qdGsosJvihRw3md+xCir/brSZanbgJH/Smjm8wF75yqpxVk+d1LVcOO3qVe5ioqYzA6L SRrOPpAvyywHNDyxyg9mKvSoJV43Z+CCqd9txBV9+QOOa3KxTgMUochVgtnZQazlHWdB TkhCT1K0BIQTgtG4CPIjXXYMjG9Ti1Bm3XbrvZLc+eBE8maO/SvRewK9d7kRQG2F0Xsg ygyA==
X-Gm-Message-State: AG10YOSmrIbff/z9+CPOWsI7L1Wud46UrCniLm430G8/9/VCsCM1+73V06EHYO9TM4ghYQ==
X-Received: by 10.28.60.84 with SMTP id j81mr13906893wma.91.1455141182411; Wed, 10 Feb 2016 13:53:02 -0800 (PST)
Received: from [192.168.188.20] (x590cf192.dyn.telefonica.de. [89.12.241.146]) by smtp.googlemail.com with ESMTPSA id v191sm5184419wme.1.2016.02.10.13.52.59 for <openpgp@ietf.org> (version=TLSv1/SSLv3 cipher=OTHER); Wed, 10 Feb 2016 13:53:00 -0800 (PST)
To: openpgp@ietf.org
References: <87twp91d8r.fsf@alice.fifthhorseman.net> <CAM_a8Jy-ZoGJ3qTgN5PFA2ZKnbtSy5GWhWhUeF2NHYgWUQ0zYA@mail.gmail.com> <3A98EA92-0C2F-46A7-8D06-880FC83CB110@gmail.com>
From: Nils Durner <ndurner@googlemail.com>
X-Enigmail-Draft-Status: N1110
Message-ID: <56BBB13B.3000507@googlemail.com>
Date: Wed, 10 Feb 2016 22:52:59 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.4.0
MIME-Version: 1.0
In-Reply-To: <3A98EA92-0C2F-46A7-8D06-880FC83CB110@gmail.com>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: quoted-printable
Archived-At: <http://mailarchive.ietf.org/arch/msg/openpgp/NPtoazueXeA5luPDPu-iArEy1xc>
Subject: Re: [openpgp] [Cfrg] streamable AEAD construct for stored data?
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Feb 2016 21:53:05 -0000
Hi, > To be clear, there are two separate use-cases, each of which make > sense without the other and require different technical solutions (but > could also make sense together): > > 1. Streaming-mode integrity protection: > > [...] > > To achieve goal #1 properly, it appears that what we need is not only > a MAC per chunk but a signature per chunk. Different ideas: 1. asymmetrically encrypt and sign the MAC key, make this a new packet type to be prepended to the symmetrically encrypted data 2. derive the MAC key from the symmetric encryption key, sign it (but do not store it) and make this a new packet type to be prepended (thus saving the asymmetric encryption from #1) 3. use an authenticating sym cipher mode with intermediate authentication tags, with the symmetric key asymmetrically signed (like #2) > 4. What are reasonable upper- and lower-bounds for chunk sizes, and > what are the considerations behind them? ... or put differently in light of idea #3: at what intervals would authentication tags ideally be generated? Best regards, Nils
- [openpgp] streamable AEAD construct for stored da… Daniel Kahn Gillmor
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Watson Ladd
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Daniel Kahn Gillmor
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Watson Ladd
- Re: [openpgp] streamable AEAD construct for store… vedaal
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Zooko Wilcox-OHearn
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Natanael
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Natanael
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Taylor R Campbell
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Andy Lutomirski
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Adam Langley
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Andy Lutomirski
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Björn Edström
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Andrey Jivsov
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Peter Todd
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Andy Lutomirski
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Peter Todd
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Andy Lutomirski
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Peter Todd
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Bryan Ford
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Andy Lutomirski
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Bryan Ford
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… ianG
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Nils Durner
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Bryan Ford
- Re: [openpgp] [Cfrg] streamable AEAD construct fo… Bryan Ford