All Questions
5
questions
0
votes
1
answer
361
views
ChaCha20-Poly1305 and AES-GCM-SIV output size
Background information:
I need to encrypt 168bit messages, the ciphertext should, preferably, match the plaintext size. Message Authentication and Integrity is not a must, but a really important ...
3
votes
2
answers
1k
views
Encrypting arbitrary large files in AEAD chunks - how to protect against chunk reordering?
I would like to encrypt big files using an authenticated cipher. I am convinced to use approach where file is divided into smaller manageable chunks that fit easily in memory (e.g. 1-10MB size) which ...
1
vote
0
answers
285
views
Constructing an XChaCha20-Poly1305 Equivalent using FIPS-140 Primitives
I am playing around with the idea of modelling clustered data storage as a series of AEAD messages. XChaCha20-Poly1305 has nice properties for my intended design, as the ability to use random IVs ...
0
votes
1
answer
2k
views
Why AES 256 GCM is more preferred by email service providers / banks over the fast and efficient ChaCha20 - Poly1305?
This question is based on my recent observation of preferences of certain email service providers and banks to use AES related symmetric ciphers over the more fast ChaCha20 Poly1305 . For example ...
0
votes
2
answers
706
views
If all encrypt algorithms in TLS1.3 ciphersuites are AEAD , why do they keep including a Hash algorithm?
In TLS1.3 all allowed algorithms included in cipher suites are AEAD, which means they don't just encrypt but they authenticate too (thus if I don't misunderstand, they give not only confidentiality ...