AES-GCM as stream cipher?
1,888 views
Skip to first unread message
Xiaoyi Shi
Feb 27, 2018, 6:24:37 AM2/27/18
to golang-nuts
Hi all,
Is it possible to use go's GCM implementation as a stream cipher? It appears to me that the counter/tag are held private within the AEAD.Seal/Open methods.
Thanks!
Edouard Buschini
Feb 27, 2018, 10:51:13 AM2/27/18
to Xiaoyi Shi, golang-nuts
The tag is wrapped inside of the output of seal:
- size of the tag: https://golang.org/src/crypto/cipher/gcm.go#L126
You have to pass the tag + encrypted data to open to decrypt.
AES-GCM already works like a stream cipher, meaning the result of seal will be len(plaintext) + tagLength, as opposed to CBC that has fixed blocks and require padding.
I assume what you are asking is stream cipher as stream like a unix Pipe -- I believe CTR mode does this on Go's API.
This is highly discouraged because GCM is authenticated: the tag acts like a MAC for the encrypted data that follows. You have to put all the plaintext in memory before starting the process.
One way to achieve this is to predefined some "block" length -- say 16KB -- then each time you encrypt the length of the block after generating a nonce every time -- it can be less if you are reaching EOF.
In order to decrypt, you need to have output the nonce + the result of seal() -- which is tag + encrypted text.
This way you will have achieved a streaming way of encrypting/decrypting in AES-GCM. I assume this is done for TLS too.
You have couple tricks to reduce the size of the "nonce overhead" with some nonce scheme. But remember to NEVER REUSE A NONCE WITH THE SAME KEY as it would be fatal otherwise.
I am not a cryptographer at all but for fun I wrote this exact scheme a month ago: https://github.com/tehmoon/cryptocli/blob/master/command/aesGCMEncrypt.go#L55
--
You received this message because you are subscribed to the Google Groups "golang-nuts" group.
To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Xiaoyi Shi
Feb 28, 2018, 6:24:03 AM2/28/18
to golang-nuts
Thanks!
To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts...@googlegroups.com.
Reply all
Reply to author
Forward
0 new messages