---
middle.mkd | 46 ++++++++++++++++++++++++++++++++++++++++++++++
template.xml | 11 +++++++++++
2 files changed, 57 insertions(+)
diff --git a/middle.mkd b/middle.mkd
index 5182c7d..e842938 100644
--- a/middle.mkd
+++ b/middle.mkd
@@ -2483,6 +2483,42 @@ packet length. The reason for this is that the hashing
rules for
modification detection include a one-octet tag and one-octet length in
the data hash. While this is a bit restrictive, it reduces complexity.
+## {5.14} AEAD Encrypted Data Packet (Tag 18)
+
+This packet contains data encrypted with an authenticated encryption and
+additional data (AEAD) construction. When it has been decrypted, it
+will typically contain other packets (often a Literal Data packet or
+Compressed Data packet).
+
+The body of this packet consists of:
+
+ * A one-octet version number. The only currently defined value
+ is 1.
+
+ * A one-octet cipher algorithm.
+
+ * A one-octet AEAD algorithm.
+
+ * An initialization vector of size specified by the AEAD algorithm.
+ This value MUST be unique and it MUST be unpredictable.
+
+ * Encrypted data, the output of the selected symmetric-key cipher
+ operating in the given AEAD mode.
+
+ * The authentication tag for the AEAD mode.
+
+The AEAD construction is given the packet header, version number, cipher
+algorithm octet, and AEAD algorithm octet as additional data.
+
+### {5.14.1} Galois Counter Mode
+
+The only currently defined AEAD algorithm is Galois Counter Mode
+[](#GCM). This algorithm can only use block ciphers with 16-byte
+blocks. The initialization vector is 12 bytes long.
+
+The security of GCM requires that the counter is never reused, hence the
+requirement that the initialization vector be unique.
+
# {6} Radix-64 Conversions
As stated in the introduction, OpenPGP's underlying native
@@ -3014,6 +3050,16 @@ algorithm.
Implementations MUST implement SHA-1. Implementations MAY implement
other algorithms. MD5 is deprecated.
+## {9.5} AEAD Algorithms
+
+ ID Algorithm
+ -------- ---------
+ 1 GCM [](#GCM)
+ 100--110 Private/Experimental algorithm
+
+Implementations MUST implement GCM. Implementations MAY implement
+other algorithms.
+
# {10} IANA Considerations
OpenPGP is highly parameterized, and consequently there are a number
diff --git a/template.xml b/template.xml
index 9ea1582..f52521e 100644
--- a/template.xml
+++ b/template.xml
@@ -144,6 +144,17 @@
</front>
</reference>
+ <reference anchor='GCM'>
+ <front>
+ <title>Recommendation for Block Cipher Modes of Operation:
+ Galois/Counter Mode (GCM) and GMAC (SP 800-38D)</title>
+ <author>
+ <organization>NIST</organization>
+ </author>
+ <date year="2007" month="November" />
+ </front>
+ </reference>
+
<reference anchor="HAC">
<front>
<title>Handbook of Applied Cryptography</title>
--
2.11.0
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp