Documentation
Overview
The format of a blob is:
    BLOB             := HEADER || PAYLOAD
    HEADER           := PLAIN_HEADER || ENCRYPTED_HEADER
    PLAIN_HEADER     := SIZE || IV
    ENCRYPTED_HEADER := TAG || ENTRIES...
    ENTRY            := KEK || DEK
The PAYLOAD is the encrypted plaintext.
Index
- Constants
- func Decrypt(blob, kek []byte, additionalData []byte) ([]byte, error)
- func Encrypt(plaintext, kek, iv, additionalData []byte) ([]byte, error)
- func Reencrypt(blob, kek []byte) ([]byte, []byte, error)
- func SplitHeaderPayload(blob []byte) ([]byte, []byte, error)
- type EncryptedHeader
- type Header
- type PlainHeader
Constants
const KeySize = aes256.KeySize
Functions
func Encrypt
func Encrypt(plaintext, kek, iv, additionalData []byte) ([]byte, error)
Encrypt encrypts the plaintext and returns the Blob. The function encrypts the plaintext with a randomly generated Data Encryption Key (DEK), and uses the input Key Encryption Key (KEK) to encrypt the DEK in the Blob's header. The IV is the BaseIV. The caller should randomly generate it; each subsequent layer of encryption uses a different IV derived from the BaseIV. The same IV must never be passed to this function more than once. TODO: does Encrypt modify the plaintext input?
Types
type EncryptedHeader
type Header
type Header struct {
	PlainHeader
	EncryptedHeader
}
func UnmarshalHeader
UnmarshalHeader takes a marshalled header and the current Key Encryption Key (KEK), and deserializes and decrypts the header.
func (*Header) Marshal
Marshal marshals the header to a []byte. As part of marshaling, this method takes care of encrypting the "encrypted" portion of the header.
func (*Header) String
String satisfies the fmt.Stringer interface.
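The blob layout from the Overview, Encrypt's DEK/KEK scheme and the header encryption that Header.Marshal describes, carried through as one added Go example. This is illustrative code written for this page, not the package's own implementation. It assumes field widths the page does not give (a 4-byte big-endian SIZE, a 12-byte BaseIV used as an AES-256-GCM nonce, a 16-byte TAG), a single ENTRY holding only the wrapped DEK, and one particular rule for deriving per-layer IVs from the BaseIV; the names `layer`, `wrapDEK`, `openHeader` and `RotateKEK` (a stand-in for the index's Reencrypt, with an additionalData parameter the page's signature lacks) are chosen here.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"errors"
)

// Field widths are assumptions; the page gives the layout but not the sizes.
const ivSize, sizeWidth, tagSize = 12, 4, 16 // BaseIV is a GCM nonce; SIZE is a big-endian uint32; TAG is the GCM tag

// layer returns the AEAD for key plus the IV derived from the BaseIV for layer n (0: payload,
// 1: header), so the two layers never share a nonce. The derivation rule is an assumption.
func layer(key, baseIV []byte, n byte) (cipher.AEAD, []byte, error) {
	block, err := aes.NewCipher(key)
	if err != nil || len(baseIV) != ivSize {
		return nil, nil, errors.New("bad key or BaseIV length")
	}
	aead, err := cipher.NewGCM(block)
	iv := append([]byte(nil), baseIV...)
	iv[len(iv)-1] ^= n
	return aead, iv, err
}

// wrapDEK seals the DEK under the KEK as ENCRYPTED_HEADER := TAG || ENTRIES (one entry);
// Go's GCM emits ENTRY || TAG, so the tag is moved to the front to match the layout.
func wrapDEK(dek, kek, iv, aad []byte) ([]byte, error) {
	aead, nonce, err := layer(kek, iv, 1)
	if err != nil {
		return nil, err
	}
	s := aead.Seal(nil, nonce, dek, aad)
	return append(append([]byte(nil), s[len(s)-tagSize:]...), s[:len(s)-tagSize]...), nil
}

// Encrypt: a fresh random DEK seals the plaintext and the KEK wraps the DEK; iv is the caller's
// BaseIV and must never be reused under one KEK. Output is SIZE || IV || ENCRYPTED_HEADER || PAYLOAD.
func Encrypt(plaintext, kek, iv, aad []byte) ([]byte, error) {
	dek := make([]byte, 32) // AES-256 DEK (aes256.KeySize on the page)
	if _, err := rand.Read(dek); err != nil {
		return nil, err
	}
	encHeader, err := wrapDEK(dek, kek, iv, aad)
	if err != nil {
		return nil, err
	}
	aead, nonce, err := layer(dek, iv, 0)
	if err != nil {
		return nil, err
	}
	blob := binary.BigEndian.AppendUint32(nil, uint32(len(encHeader)))
	return aead.Seal(append(append(blob, iv...), encHeader...), nonce, plaintext, aad), nil
}

// openHeader bounds-checks SIZE, splits the blob and unwraps the DEK with the KEK; a wrong KEK,
// wrong AAD or a tampered header fails GCM authentication instead of yielding a bogus DEK.
func openHeader(blob, kek, aad []byte) (iv, dek, payload []byte, err error) {
	if len(blob) < sizeWidth+ivSize {
		return nil, nil, nil, errors.New("blob shorter than PLAIN_HEADER")
	}
	end := uint64(sizeWidth+ivSize) + uint64(binary.BigEndian.Uint32(blob))
	if end > uint64(len(blob)) {
		return nil, nil, nil, errors.New("SIZE exceeds blob length")
	}
	iv, encHeader, payload := blob[sizeWidth:sizeWidth+ivSize], blob[sizeWidth+ivSize:end], blob[end:]
	aead, nonce, err := layer(kek, iv, 1)
	if err != nil || len(encHeader) < tagSize {
		return nil, nil, nil, errors.New("bad KEK or encrypted header too short")
	}
	// Put the TAG back at the end, where Go's GCM expects it.
	dek, err = aead.Open(nil, nonce, append(append([]byte(nil), encHeader[tagSize:]...), encHeader[:tagSize]...), aad)
	return iv, dek, payload, err
}

// Decrypt unwraps the DEK from the header, then opens PAYLOAD with it.
func Decrypt(blob, kek, aad []byte) ([]byte, error) {
	iv, dek, payload, err := openHeader(blob, kek, aad)
	if err != nil {
		return nil, err
	}
	aead, nonce, err := layer(dek, iv, 0)
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, nonce, payload, aad)
}

// RotateKEK (a stand-in for the index's Reencrypt) rewraps the DEK under newKEK and copies
// PAYLOAD untouched: rotating the KEK never re-encrypts the bulk data.
func RotateKEK(blob, oldKEK, newKEK, aad []byte) ([]byte, error) {
	iv, dek, payload, err := openHeader(blob, oldKEK, aad)
	if err != nil {
		return nil, err
	}
	encHeader, err := wrapDEK(dek, newKEK, iv, aad)
	if err != nil {
		return nil, err
	}
	out := binary.BigEndian.AppendUint32(nil, uint32(len(encHeader)))
	return append(append(append(out, iv...), encHeader...), payload...), nil
}
```

Call it as `blob, err := Encrypt(plaintext, kek, baseIV, aad)` with a 32-byte KEK and a fresh random 12-byte BaseIV, then `Decrypt(blob, kek, aad)`. The SIZE bounds check in openHeader is what stops a hostile blob from slicing past its own end, and passing the same additionalData at both layers binds header and payload to one context. RotateKEK shows the reason for the KEK/DEK split: rotating the KEK rewrites only the few dozen header bytes while the PAYLOAD bytes are carried over unchanged.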