Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[PoC/RFC] Add SIV #319

Open
wants to merge 4 commits into
base: develop
Choose a base branch
from
Open

[PoC/RFC] Add SIV #319

wants to merge 4 commits into from

Conversation

sjaeckel
Copy link
Member

Checklist

  • documentation is added or updated
  • tests are added or updated

This is a PoC/RFC for adding the enc+auth mode RFC5297 SIV - Synthetic Initialization Vector.

Feel free to tear it apart, improvements on the API welcome.

I had to decide how to process the AD's

  1. incremental
  2. by passing a vararg
  3. by passing an array of pointers

1 wasn't really an option AFAIU the RFC
whether 2 or 3 I was like ¯\_(ツ)_/¯ so I went for 3

I didn't really look if it would make sense to have the context exposed so we could split the processing up in init()->add_ad()->{en,de}crypt()->done()

@karel-m
Copy link
Member

karel-m commented Oct 25, 2017

Does this enable implementation of AES-GCM-SIV?

https://tools.ietf.org/html/draft-irtf-cfrg-gcmsiv-06

@sjaeckel
Copy link
Member Author

sjaeckel commented Oct 25, 2017
edited
Loading

I haven't looked at that draft yet but this PR implements the "predecessor"

@sjaeckel
Copy link
Member Author

I've read a bit through the ML and I think we should wait until the RFC is finished to prevent something like #256.

@sjaeckel sjaeckel added this to the next milestone Oct 25, 2017
@sjaeckel
Copy link
Member Author

sjaeckel commented Nov 5, 2017

Okay I played a bit with the implementation and I'm going to add an incremental add_AD() function.

Also there should be a siv_memory() function which has to support multiple AD's in one function call. I think I'll go the varargs way for that as it's already used as a pattern in the library whereas the array of pointers isn't. Any better ideas?

@karel-m
Copy link
Member

karel-m commented Nov 5, 2017

Just FYI - there is a bunch of AES-GCM-SIV test vectors in wycheproof test suite (look for aes_gcm_siv_test.json).

@sjaeckel
Copy link
Member Author

sjaeckel commented Nov 6, 2017

ust FYI - there is a bunch of AES-GCM-SIV test vectors in wycheproof test suite

thanks, but they don't help me now as this is only AES-SIV :)

I found those:
https://github.com/randombit/botan/blob/master/src/tests/data/aead/siv.vec
https://github.com/cryptomator/siv-mode/blob/master/src/test/resources/testcases.txt (attention, the file has 17mb ... you probably shouldn't click on the link ;) )

and I planned to hand-pick some of the cryptomator/siv-mode

@sjaeckel sjaeckel mentioned this pull request Feb 17, 2018
Open
35 tasks
@sjaeckel sjaeckel self-assigned this Feb 25, 2018
@sjaeckel sjaeckel mentioned this pull request Mar 26, 2018
Closed
@karel-m
Copy link
Member

karel-m commented Apr 10, 2021

Now exists as RFC8452 (April 2019):

@levitte
Copy link
Collaborator

levitte commented Aug 20, 2024

Also there should be a siv_memory() function which has to support multiple AD's in one function call. I think I'll go the varargs way for that as it's already used as a pattern in the library whereas the array of pointers isn't. Any better ideas?

That would essentially be siv_memory_multi() no?

This PR looks interesting, but needs some love... or is it abandoned?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@sjaeckel sjaeckel

Labels
feature
Projects
None yet
Milestone
next
Development

Successfully merging this pull request may close these issues.
3 participants
@sjaeckel @karel-m @levitte