aead – WindowsTechs.com

Impact of using the AES-GCM key as AEAD associated data

Posted on August 28, 2024 by blackr1234

Will using the AES-GCM key as AEAD associated data potentially weaken the security or bring any adverse impact?
Before this question, perhaps I should ask, can an attacker extract AEAD associated data from the ciphertext without first decr… Continue reading Impact of using the AES-GCM key as AEAD associated data→

Should one really disable AEAD for recent GnuPG created PGP keys?

Posted on March 4, 2024 by Tobias Leupold

Apparently, there are some problems with the new defaults that are set when one creates a PGP key using a recent version of GnuPG (2.4).
I ran into this after generating a new ECC/ED25519 key to replace my "old" RSA one. The prob… Continue reading Should one really disable AEAD for recent GnuPG created PGP keys?→

What best to put in unused nonce bytes when using AES-GCM-SIV [migrated]

Posted on February 9, 2024 by Karsten

I want to use AES-GCM-SIV for authenticated encryption of messages in my protocol.
Since it is a wireless protocol I want to transmit as little bytes as possible. For successful decryption I need to transmit the nonce alongside the ciphert… Continue reading What best to put in unused nonce bytes when using AES-GCM-SIV [migrated]→

Replay of previously used cipher, IV and authentication tag in authenticated encryption

Posted on December 20, 2023 by Mohit Kumar Jangid

It is known that an authenticated encryption scheme is better than just encryption because, in the latter, an attacker can alter the ciphertext, which cannot be verified. In the former, altering the ciphertext can be detected by authentica… Continue reading Replay of previously used cipher, IV and authentication tag in authenticated encryption→

How to form the IV and Additional Data for TLS when encrypting the plaintext

Posted on July 24, 2023 by rare77

When using AES GCM for encryption within TLS and referring to the below diagram:

Is iv[0:3] the fixed IV established from the handshake and iv[4:11] are the current (write) sequence number + 1?

For TLS 1.2 the additional data is type || … Continue reading How to form the IV and Additional Data for TLS when encrypting the plaintext→

AEAD: Authenticating a digest of my data instead the data itself

Posted on March 14, 2023 by user2373145

Relevant question for Python:

Stack Exchange: https://stackoverflow.com/questions/75739308/aead-authentication-with-huge-input-that-doesnt-fit-into-ram
Top Answers: https://topanswers.xyz/python?q=3867

Basically: data that doesn’t fit in… Continue reading AEAD: Authenticating a digest of my data instead the data itself→

Where is the 8 byte explicit nonce for decrypting AES GCM within TLS?

Posted on February 10, 2023 by user997112

I’m confused how to retrieve the remaining 8 bytes of the nonce (to combine with the 4 bytes established during the handshake) to generate the 12 byte IV to decrypt AES 128 GCM.
RFC 5288 "AES Galois Counter Mode (GCM) Cipher Suites fo… Continue reading Where is the 8 byte explicit nonce for decrypting AES GCM within TLS?→

Generate AES-256-GCM key

Posted on November 6, 2022 by Wilfred Almeida

I’m using aes-256-gcm encryption. I used a sample key provided in the docs and it works fine.
I also tried a key generated from here and it works fine. There’s no option to specify gcm here yet the key generated works fine.
I’m trying to g… Continue reading Generate AES-256-GCM key→

Does any real world protocol makes use of the associated data in AEAD?

Posted on April 29, 2022 by Bruno Rohée

I’m trying to find evidence of use of the associated data (authenticated cleartext associated with the encrypted and authenticated data) feature offered by AEAD (Authenticated Encryption with Associated Data) construction in a real world p… Continue reading Does any real world protocol makes use of the associated data in AEAD?→