Cheers !
(to be continued?)
September 28th, 2014 Update:
Daniel Bleichenbacher raised a flaw in the proposed scheme for Associated Data: any triplet ... || x || y || y || ... in the AD string can be replaced by ... || y || x || x || ... and the modification will not be detected. A silly mistake of mine :(
I suppose it can be easily fixed somehow (in fact, I'm tempted to post some simple solutions) but I won't do it on my own. Working in a solo team and devoting only a fraction of my spare time makes me unable to consolidate a v2.0 for ++æ. In any case, I found some fun and beauty during this exercise with Fibonacci sequences applied to AE and I'll go on, at a slower pace and only for my eyes for the moment, with some funny concept in this line for an even much simpler AEAD scheme ...
October 21st, 2014 Update:
... just to write down that a generalized sound approach would be to handle the AD data in the same way as cryptogram blocks when processed by the authenticated decryption algorithm ... If I find some time I'll update some day the corresponding diagram specifications for the three ++a2 v2.0 candidates ...