-
Notifications
You must be signed in to change notification settings - Fork 173
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Adding AEAD support as new encryption method #736
base: master
Are you sure you want to change the base?
Conversation
silverdaz
commented
Jul 22, 2023
- Adding a new encryption method (with AEAD)
- Updating the graphics with a new packet type
- Separating the packet type because extending the session key packets with 4 more bytes makes it incompatible when using multiple session keys
PR for @daviesrob about Crypt4GH. Note: I do think the Crypt4GH specs should be moved away from this repository, and have its own. You can have a look at the python implementation for AEAD support. It's a branch and I have not merged it yet to master |
|
A few comments following a read-through: This part of the "Security Considerations" could do with updating, as the new encryption method prevents block reordering. I don't think it fixes the last part where you add a new header packet though, although you'd need access to the recipient public key from elsewhere to successfully do that. It would be possible to close that last loophole by insisting that only one writer's public key is used, as the attacker will not have the corresponding private key. The name In the header packet, I think the line about the new method using AAD should be removed from the I have a few ideas for the sections about encryption and decryption, but need to work on them a bit more. I'll add some suggestions later. |