ietf-openpgp

[openpgp] AEAD encrypted data packet with EAX

2017-05-21 18:43:21
I have a proposed pull request for a streaming AEAD encrypted data
packet using EAX mode[0].  I will send a patch shortly.

EAX is a block cipher mode combining CTR mode and OMAC.  It is similar
to CCM and is considered secure.  It can be easily implemented securely
in a variety of languages using the CBC and CTR modes available in most
cryptographic libraries.

The packet allows for fixed-sized chunks from 64 bytes to 65536 bytes
(or larger) in size and also permits streaming.  It contains truncation
detection at the cost of 16 bytes of buffering.

I retained the AEAD algorithm octet so as not to need to overload one
octet with cipher type and AEAD algorithm.  This allows us to use
something like Poly1305 with both AES and ChaCha20 in the future.

I welcome feedback on this proposal.  If it's determined to be viable,
I'd also like to see adjustments to the SKESK and Secret Key packets to
add AEAD support.

[0] https://gitlab.com/openpgp-wg/rfc4880bis/merge_requests/4
-- 
brian m. carlson / brian with sandals: Houston, Texas, US
+1 832 623 2791 | https://www.crustytoothpaste.net/~bmc | My opinion only
OpenPGP: https://keybase.io/bk2204
