KeyCzar paper incorrect?
45 views
Skip to first unread message
Maarten Bodewes
Oct 13, 2015, 4:08:52 PM10/13/15
to Keyczar Discuss
In 6.2 the paper states (in the first and second table):
verifyStream.updateVerify(ciphertextChunk);
In other words, I would expect:
Would it be possible to update the paper, or make clear it is deprecated by now?
Header | IV (if any) | Encrypt(M) | Sign(header | IV | M) (if any)
This seems incorrect to me, if I look e.g. at the Java source code it seems encrypt-then-sign is used, not encrypt-and-sign:verifyStream.updateVerify(ciphertextChunk);
In other words, I would expect:
Header | IV (if any) | Encrypt(M) | Sign(header | IV | Encrypt(M)) (if any)
Would it be possible to update the paper, or make clear it is deprecated by now?
Steve Weis
Oct 13, 2015, 4:13:59 PM10/13/15
to Keyczar Discuss
You're right that this is a typo. That paper is very out of date and should probably be removed or revised completely.
Regardless, I fixed the latex source:
https://github.com/google/keyczar/commit/c0be62c27969c212a2b81ca238ea67bee23d7dea
https://github.com/google/keyczar/commit/c0be62c27969c212a2b81ca238ea67bee23d7dea
--
You received this message because you are subscribed to the Google Groups "Keyczar Discuss" group.
To unsubscribe from this group and stop receiving emails from it, send an email to keyczar-discu...@googlegroups.com.
To post to this group, send email to keyczar...@googlegroups.com.
Visit this group at http://groups.google.com/group/keyczar-discuss.
For more options, visit https://groups.google.com/d/optout.
devin lundberg
Oct 13, 2015, 4:18:27 PM10/13/15
to keyczar...@googlegroups.com
I updated https://github.com/google/keyczar/wiki/CiphertextFormat which had the same typo.
Reply all
Reply to author
Forward
0 new messages