On 14 February 2017 at 03:17, Werner Koch <wk(_at_)gnupg(_dot_)org> wrote:
3. How can we do early detection of corruption? When decrypting
several gigs we should be able to detect corrupted data after having
processed, say, one gig. Shall such a feature be configurable?
Shall we link it to partial length headers.
My ideas here are:
re 3: The simplest idea would be to use fixed chunks of the ciphertext
and either link them together using a counter or the hash of the
previous authentication tag. The packet header would give the
length of the chunks in blocks. It needs to be decided whether a
final one-block chunk is okay.
This seems the same question/solution of some sort of authenticated
chunked-streaming mode. I mentioned this a couple years ago but
didn't get much discussion:
https://www.ietf.org/mail-archive/web/openpgp/current/msg07546.html
-tom
_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp