AEADs

eax: allow variable length nonces

Open lopsided98 opened this issue 3 years ago • 4 comments

Similar to #62, except with EAX. I would like to be able to interoperate with an existing protocol that uses 32-bit nonces. Presumably this could be implemented similarly to #126, but I'm not familiar enough with the codebase to do it easily.

lopsided98 Nov 28 '20 05:11

Is what you need implemented in #231? :)

Flakebi Jan 09 '21 20:01

I think so. Please reopen if not.

tarcieri Jan 11 '21 14:01

No, that PR doesn't implement what I need. That allows variable length tags, whereas I need variable length nonces. The nonce size is still hardcoded to the block size: https://github.com/RustCrypto/AEADs/blob/master/eax/src/lib.rs#L192

lopsided98 Jan 15 '21 02:01

I have the same issue with a different protocol: Eddystone ETLM uses a 48-bit nonce (https://github.com/google/eddystone/blob/master/eddystone-tlm/tlm-encrypted.md). I think the solution used for aesgcm would be enough here too, although it's unfortunate that the order of the generic parameters for nonce and tag sizes would not match the other algorithm without a breaking change.

tracktwo Nov 21 '23 15:11