Cryptography "Associated Data" and authentication composition

---

• "Associated Data" and authentication composition
• Best practices for choosing associated data in AEAD?
• Try Cool new Encryption Android App

"Associated Data" and authentication composition Posted: 03 Jan 2019 04:33 PM PST I'm a little confused about what "Associated Data" really pertains to in authenticated encryption models. I'm thinking specifically about MAC-and-encrypt ( not MAC-then-encrypt ). In Serious Cryptography, Aumasson says. Still, despite its relative weakness, encrypt-and-MAC continues to be supported by many systems, including the secure transport layer protocol SSH, wherein each encrypted packet C is followed by the tag T = MAC(K, N || P) sent in the unencrypted plaintext packet P. N in this equation is a 32-bit sequence number that is incremented for each sent packet, in order to help ensure that the received packets are processed in the right order. In practice, encrypt-and-MAC has proven good enough for use with SSH, thanks to the use of strong MAC algorithms like HMAC-SHA-256 that don't leak information on P. In this context, is N "Associated Data"? Also, suppose that K was derived with PBKDF2 using a salt that was used only once and randomly derived, and applied at the header of the message. Should the salt be authenticated as "Associated Data" as well? Wouldn't this be superfluous since PBKDF2 wouldn't generate the proper K without the proper salt anyway? What exactly is the necessity behind including N with K in encrypt-and-MAC? Simply to prevent brute-forcing of N? submitted by /u/kennbr [link] [comments]

Best practices for choosing associated data in AEAD? Posted: 03 Jan 2019 02:58 PM PST I'm using google's tink crypto library and it's working well for my needs. However, the encrypt and decrypt calls take an associated data parameter that provides the authentication portion of AEAD (I think). But I haven't found any information on the best practices for what to use for the associated data values. Should it be global to the application? Should I make it specific to the module? The user? Something else? Is there any information about what to choose? submitted by /u/unshadowme [link] [comments]

Try Cool new Encryption Android App Posted: 03 Jan 2019 09:14 AM PST https://play.google.com/store/apps/details?id=com.przyklad.SkyTale.SkyKey ​ ​ submitted by /u/Majesteen [link] [comments]

You are subscribed to email updates from Cryptography news and discussions. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States