Folks who use AEAD cryptography in their applications: are there protocols or situations where you don't know any additional data to authenticate when you know the plaintext to encrypt?
-
-
I haven't met this situation in real life,but I can imagine a situation where you want to add authenticated timestamp to encrypted data just before you send it and you don't want encryption latency affect your timestamp.Encrypt then add authenticated timestamp.Does it make sense?
-
Makes sense, but how would the receiver know the timestamp you used?
- 5 more replies
New conversation -
-
-
OpenSSL's API documentation claims it can be added at any point. Try it in the wrong order on decrypt though, and you just get bad tag failures.
-
The orders have to match on both sides of course :) But you can still add the AD at the beginning or the end, or even in the middle!
End of conversation
New conversation -
-
-
FWIW that looks exactly like Go’s AEAD API, and I’m not aware of any practical problems with it.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
Show additional replies, including those that may contain offensive content
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.