ietf-openpgp
[Top] [All Lists]

Re: [openpgp] 4880bis: Update S2K

2015-04-28 23:52:04
(I think I emailed about this already, but from an account which gets
dropped by DMARC policy.)

There is a perfectly good (standardized even!) robust authenticated
encryption mode: SIV.

A nonce-length of 128-bits (which you get using a 128-bit block
cipher) is rather short, but note that for asymmetric encryption
modes, a new key is used per message.

I think that streaming encryption is well outside the scope of this
WG. Is there some compelling argument that it is required for
encrypting email messages?

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp