ietf-openpgp

Re: [openpgp] AEAD encrypted data packet with EAX

2017-07-25 14:10:18
On Sat, 22 Jul 2017 00:21, sandals(_at_)crustytoothpaste(_dot_)net said:

> I've updated my proposal and will be sending out a series of three
> patches shortly.  As Werner suggested, I've moved the IV requirements to
> the mode specification and I've expanded the possible values of the
> cipher type octet.

Thanks.  I pushed your patches so that we can use this as a starting
point.  I made two changes:

 - Assigned tag 20 for the AEAD Encrypted data packet
 - Removed a probably left-over sentence:

    An implementation MUST support chunk size octets with values from 0
    to 56.  An implementation MAY support other chunk sizes.  Chunk size
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
    octets with other values are reserved for future extensions.

and also pushed this to indicate the support for AEAD

--8<---------------cut here---------------start------------->8---
@@ -1594,6 +1594,9 @@ #### {5.2.3.24} Features
 
     0x01 - Modification Detection (packets 18 and 19)
 
+    0x02 - AEAD Encrypted Data Packet (packet 20) and version 5
+           Symmetric-Key Encrypted Session Key Packets (packet 3)
+
 If an implementation implements any of the defined features, it SHOULD
 implement the Features subpacket, too.
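Review bot: the new 0x02 entry ties two capabilities to one bit, the AEAD Encrypted Data Packet (packet 20) and version 5 Symmetric-Key Encrypted Session Key Packets (packet 3), without saying whether an implementation has to support both before it may set the flag. The context paragraph that follows only says that implementing "any of the defined features" SHOULD come with the Features subpacket, so I would add a sentence stating that setting 0x02 asserts support for both packet types, or give each its own bit. The entry also breaks the pattern of the 0x01 line, which gives a feature name followed by the packets in parentheses; a short feature name here with the packets in parentheses would keep the list uniform.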
--8<---------------cut here---------------end--------------->8---


> with AEAD and a secret key packet with AEAD.  These packets use a fixed
> value of 10 for the chunk size octet (a chunk of 65536 bytes), which

I am fine with this.

> I welcome comments on this proposal with the goal of trying to get
> consensus.

Do we have an RFC for EAX Mode?  That would make a better reference.

I think we should have a more verbose description of the AEAD chunk
construction in particular related to the use of the IV/nonce in the
chunks.



Salam-Shalom,

   Werner



p.s.
I uploaded a rendered version to https://dev.gnupg.org/F167170

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.


_______________________________________________
openpgp mailing list
openpgp(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/openpgp
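
Added example, not part of the original message and not code from the draft or from GnuPG: how a sender could honour the Features flags and the chunk size octet rule discussed in the mail above. The function names, the "every recipient must advertise the feature" policy and the 2**(c + 6) size formula (chosen because it matches "10 -> 65536 bytes") are assumptions of this sketch.

```python
# Added example. Constants are the values quoted in the mail above.
FEATURE_MDC = 0x01    # Modification Detection (packets 18 and 19)
FEATURE_AEAD = 0x02   # AEAD Encrypted Data Packet (packet 20), v5 SKESK (packet 3)
MAX_CHUNK_OCTET = 56  # octets above this are reserved for future extensions


def chunk_size(octet):
    """Decode a chunk size octet; reject reserved values instead of guessing."""
    if not 0 <= octet <= MAX_CHUNK_OCTET:
        raise ValueError(f"reserved chunk size octet: {octet}")
    # Assumption: size = 2**(octet + 6), consistent with 10 -> 65536 bytes.
    return 1 << (octet + 6)


def feature_flags(body):
    """First flag octet of a Features subpacket body; 0 if absent or empty."""
    return body[0] if body else 0


def select_packet_tag(recipient_feature_bodies):
    """Pick the encrypted data packet tag that every recipient advertises.

    Each element is the body of one recipient's Features subpacket, or None
    when the key carries no such subpacket. Returns 20 (AEAD), 18 (MDC) or
    None when no integrity-protected packet is advertised by all recipients,
    so the caller has to make that policy decision explicitly.
    """
    if not recipient_feature_bodies:
        raise ValueError("no recipients")
    common = 0xFF
    for body in recipient_feature_bodies:
        common &= feature_flags(body)  # keep only bits shared by everyone
    if common & FEATURE_AEAD:
        return 20
    if common & FEATURE_MDC:
        return 18
    return None


if __name__ == "__main__":
    # Constructed sample: one recipient with MDC+AEAD, one with MDC only.
    print(select_packet_tag([b"\x03", b"\x01"]), chunk_size(10))
```
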