etm

package
v3.0.0-dev.15 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 11, 2023 License: Apache-2.0, MIT Imports: 8 Imported by: 0

README

etm

This package contains code retrieved from https://github.com/codahale/etm on 2021-10-28. It implements the crypto.AEAD interface using AES-CBC encryption and sha hashing algorithms. It was stripped of all aead constructions other than AEAD_AES_256_CBC_HMAC_SHA_512 to fit our usage.

Documentation

Overview

Package etm provides a set of Encrypt-Then-MAC AEAD implementations, which combine block ciphers like AES with HMACs.

AEADs

An AEAD (Authenticated Encryption with Associated Data) construction provides a unified API for sealing messages in a way which provides both confidentiality *and* integrity.

This not only prevents malicious tampering but also eliminates online attacks like padding oracle attacks which can allow an attacker to recover plaintexts without knowledge of the secret key (e.g., Lucky 13 attack, BEAST attack, etc.).

By rejecting ciphertexts which have been modified, these types of attacks are eliminated.

Constructions

This package implements one of five proposed standards:

AEAD_AES_256_CBC_HMAC_SHA_512

Four proposed standards were removed because they aren't used here:

AEAD_AES_128_CBC_HMAC_SHA_256
AEAD_AES_192_CBC_HMAC_SHA_384
AEAD_AES_256_CBC_HMAC_SHA_384
AEAD_AES_128_CBC_HMAC_SHA1

All constructions combine AES in CBC mode with an HMAC, but vary in the degree of security offered and the amount of overhead required. See http://tools.ietf.org/html/draft-mcgrew-aead-aes-cbc-hmac-sha2-02 for full technical details.

AES-128-CBC-HMAC-SHA-256

AEAD_AES_128_CBC_HMAC_SHA_256 requires a 32-byte key, provides 128 bits of security for both confidentiality and integrity, and adds up to 56 bytes of overhead per message.

AES-192-CBC-HMAC-SHA-384

AEAD_AES_192_CBC_HMAC_SHA_384 requires a 48-byte key, provides 192 bits of security for both confidentiality and integrity, and adds up to 64 bytes of overhead per message.

AES-256-CBC-HMAC-SHA-384

AEAD_AES_256_CBC_HMAC_SHA_384 requires a 56-byte key, provides 256 bits of security for confidentiality, provides 192 bits of security for integrity, and adds up to 64 bytes of overhead per message.

AES-256-CBC-HMAC-SHA-512

AEAD_AES_256_CBC_HMAC_SHA_512 requires a 64-byte key, provides 256 bits of security for both confidentiality and integrity, and adds up to 72 bytes of overhead per message.

Example
key := []byte("yellow submarine was a love song hunt for red october was a film")
plaintext := []byte("this is a secret value")
data := []byte("this is a public value")

aead, err := NewAES256SHA512(key)
if err != nil {
	fmt.Println(err)
	return
}

nonce := make([]byte, aead.NonceSize())
_, _ = io.ReadFull(rand.Reader, nonce)

ciphertext := aead.Seal(nil, nonce, plaintext, data)

secret, err := aead.Open(nil, nil, ciphertext, data)
if err != nil {
	fmt.Println(err)
	return
}

fmt.Println(string(secret))
Output:

this is a secret value

Index

Examples

Constants

This section is empty.

Variables

This section is empty.

Functions

func NewAES256SHA512

func NewAES256SHA512(key []byte) (cipher.AEAD, error)

NewAES256SHA512 returns an AEAD_AES_256_CBC_HMAC_SHA_512 instance given a 64-byte key or an error if the key is the wrong size. AEAD_AES_256_CBC_HMAC_SHA_512 combines AES-256 in CBC mode with HMAC-SHA-512-256.

Types

This section is empty.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL