Folks who use AEAD cryptography in their applications: are there protocols or situations where you don't know any additional data to authenticate when you know the plaintext to encrypt?
-
Show this thread
-
I'm asking because I'm writing a simple AEAD api and it's basically AEAD(key, nonce, additional_data, plaintext). As you'd expect. OpenSSL's EVP api is very different though .. the additional data can be added at any point.
4 replies 0 retweets 2 likesShow this thread -
Replying to @colmmacc
I haven't met this situation in real life,but I can imagine a situation where you want to add authenticated timestamp to encrypted data just before you send it and you don't want encryption latency affect your timestamp.Encrypt then add authenticated timestamp.Does it make sense?
1 reply 0 retweets 0 likes -
Replying to @Stebanoid
Makes sense, but how would the receiver know the timestamp you used?
1 reply 0 retweets 0 likes -
Replying to @colmmacc
Timestamp is in plain text in authenticated, but not encrypted part of the message. We put it there after encryption. That's the data we add after encryption.
2 replies 0 retweets 0 likes -
Replying to @Stebanoid
But to authenticate the message, the receiver will need to know what the timestamp actually is :)
1 reply 0 retweets 0 likes -
Replying to @colmmacc
We clearly don't understand each other. :) Do you mean that there's absolutely no authenticated data in the message sent?
1 reply 0 retweets 0 likes -
Replying to @Stebanoid @colmmacc
I thought you're asking about situation there auth. data is present eventually, but is unknown at the moment of encryption.
1 reply 0 retweets 0 likes
Messages generally don't include the additional data ... If they did, it'd have to be as plaintext, which is usually bad. Usually additional data is context that the sender and receiver can verify they each agree on.
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.