ietf-openpgp

Re: [openpgp] Questions around AEAD packets

2017-02-14 10:41:41
On 14 February 2017 at 03:17, Werner Koch <wk(_at_)gnupg(_dot_)org> wrote:
 3. How can we do early detection of corruption?  When decrypting
    several gigs we should be able to detect corrupted data after having
    processed, say, one gig.  Shall such a feature be configurable?
    Shall we link it to partial length headers?

My ideas here are:

 re 3: The simplest idea would be to use fixed chunks of the ciphertext
       and either link them together using a counter or the hash of the
       previous authentication tag.  The packet header would give the
       length of the chunks in blocks.  It needs to be decided whether a
       final one-block chunk is okay.

This seems the same question/solution of some sort of authenticated
chunked-streaming mode.  I mentioned this a couple years ago but
didn't get much discussion:
https://www.ietf.org/mail-archive/web/openpgp/current/msg07546.html

-tom

_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
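
The counter-linked fixed chunks proposed under "re 3" above, as an added Go example that is not part of this thread or of any OpenPGP draft or implementation: every chunk carries its own AES-GCM tag, so decryption stops at the first corrupted chunk instead of at the end of the message. The names `split` and `crypt`, the 12-byte nonce holding the chunk counter, the final-chunk flag in the associated data (so that a truncated stream is rejected) and a key used for one message only are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/binary"
	"fmt"
)

// split cuts pt into fixed-size chunks (size > 0); the last may be shorter.
func split(pt []byte, size int) (out [][]byte) {
	for len(pt) > size {
		out, pt = append(out, pt[:size]), pt[size:]
	}
	return append(out, pt)
}

// crypt seals or opens chunks in order: the chunk counter is the nonce and a
// final flag is the AD. Assumption: key protects this one message only.
func crypt(key []byte, in [][]byte, seal bool) (out [][]byte, err error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(in) == 0 {
		return nil, fmt.Errorf("need an AES key and at least one chunk (%v)", err)
	}
	a, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	for i, c := range in {
		nonce, ad := make([]byte, 12), []byte{0}
		binary.BigEndian.PutUint64(nonce[4:], uint64(i))
		if i == len(in)-1 {
			ad[0] = 1 // last chunk: a truncated stream fails here
		}
		if seal {
			c = a.Seal(nil, nonce, c, ad)
		} else if c, err = a.Open(nil, nonce, c, ad); err != nil {
			return out, fmt.Errorf("chunk %d: %w", i, err) // stop early
		}
		out = append(out, c)
	}
	return out, nil
}

func main() { // demo on constructed data: all-zero key, sample message
	sealed, _ := crypt(make([]byte, 32), split([]byte("constructed sample"), 8), true)
	sealed[1][0] ^= 1 // corrupt the second chunk
	good, err := crypt(make([]byte, 32), sealed, false)
	fmt.Println(len(good), "chunk(s) verified before:", err)
}
```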