Module aead::stream [−][src]
stream only.Expand description
Streaming AEAD support.
Implementation of the STREAM online authenticated encryption construction as described in the paper Online Authenticated-Encryption and its Nonce-Reuse Misuse-Resistance.
About
The STREAM construction supports encrypting/decrypting sequences of AEAD message segments, which is useful in cases where the overall message is too large to fit in a single buffer and needs to be processed incrementally.
STREAM defends against reordering and truncation attacks which are common in naive schemes which attempt to provide these properties, and is proven to meet the security definition of “nonce-based online authenticated encryption” (nOAE) as given in the aforementioned paper.
Diagram
Legend:
- 𝐄k: AEAD encryption under key
k - 𝐌: message
- 𝐍: nonce
- 𝐀: additional associated data
- 𝐂: ciphertext
- 𝜏: MAC tag
Macros
Implement a stateful STREAM object (i.e. encryptor or decryptor)
Structs
Stateful STREAM object which can decrypt AEAD messages one-at-a-time.
Stateful STREAM object which can encrypt AEAD messages one-at-a-time.
The original “Rogaway-flavored” STREAM as described in the paper Online Authenticated-Encryption and its Nonce-Reuse Misuse-Resistance.
STREAM as instantiated with a 31-bit little endian counter and 1-bit “last block” flag stored as the most significant bit of the counter when interpreted as a 32-bit integer.
Traits
Create a new STREAM from the provided AEAD.
Low-level STREAM implementation.
Type Definitions
STREAM decryptor instantiated with StreamBE32 as the underlying
STREAM primitive.
STREAM decryptor instantiated with StreamLE31 as the underlying
STREAM primitive.
STREAM encryptor instantiated with StreamBE32 as the underlying
STREAM primitive.
STREAM encryptor instantiated with StreamLE31 as the underlying
STREAM primitive.
Nonce as used by a given AEAD construction and STREAM primitive.
Size of a nonce as used by a STREAM construction, sans the overhead of the STREAM protocol itself.