[go-nuts] Authenticated Encryption?
Nov 14, 2012 at 2:44 am
Check go.crypto for an nacl and openpgp implementation.
: I was looking through crypto/cipher and noticed that there are no authenticated encryption modes. Are there any Go implementations of GCM, EAX or CCM in use? The vast majority of symmetric encryption uses these days should really be using authenticated encryption due to the attacks that are possible when using a unauthenticated mode. It is possible to Encrypt-then-MAC, but this requires the developer to implement it securely. Jonathan --
: I've written an implementation of Keyczar (keyczar.org) that uses Encrypt-then-MAC. (AES+HMAC). https://github.com/dgryski/dkeyczar . It's compatible with Google's C++/Java/Python implementations. Damian --
: As already noted, the recommended authenticated encryption is NaCl, which is implemented in go.crypto. GCM, unfortunately, is prone to side-channel attacks when implemented in software because it's a hardware orientated design. Support for it may appear in the main repo at some point in order to support TLS 1.2, but it's not a priority right now. (If it does, hopefully we can get a bitsliced implementation and AES-NI support in order to avoid those concerns.) Cheers AGL --
[go-nuts] Deterministic encryption and authentication
[go-nuts] Alternate CSPRNG implementations
[go-nuts] find types that satisfy an interface in a source tree?
[go-nuts] [ANN] go-restful , yet another package for building REST-style Webservices
[go-nuts] I am dreaming of a massively parallel CPU for Go
[go-nuts] Optional second value assignment in user code?
[go-nuts] Re: Request review: Finding the dice coefficient for two strings
Re: [go-nuts] Implementing several interfaces with colliding method names
[go-nuts] Question from newbie to the gurus
[go-nuts] Go implementations of AES-SIV and AES-CMAC
2 of 4
Nov 13, '12 at 8:37p
Nov 14, '12 at 4:17p
4 users in discussion
Jonathan Rudenberg (1)
Stephen Day (1)
Damian Gryski (1)
Groups & Organizations
site design / logo © 2021 Grokbase