Folks who use AEAD cryptography in their applications: are there protocols or situations where you don't know any additional data to authenticate when you know the plaintext to encrypt?
-
Show this thread
-
I'm asking because I'm writing a simple AEAD api and it's basically AEAD(key, nonce, additional_data, plaintext). As you'd expect. OpenSSL's EVP api is very different though .. the additional data can be added at any point.
4 replies 0 retweets 2 likesShow this thread -
Replying to @colmmacc
OpenSSL's API documentation claims it can be added at any point. Try it in the wrong order on decrypt though, and you just get bad tag failures.
1 reply 0 retweets 0 likes
Replying to @_dlgeek_
The orders have to match on both sides of course :) But you can still add the AD at the beginning or the end, or even in the middle!
6:53 PM - 18 Apr 2019
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.