Filippo Valsorda :go: on Nostr: Last year I wrote that “I want to use XAES-256-GCM, which has a number of nice ...
Last year I wrote that “I want to use XAES-256-GCM, which has a number of nice properties and only the annoying defect of not existing.” Well, here we go.
A new extended-nonce AEAD designed for high-level APIs with random nonces and FIPS 140 compliance.
It's easy to describe and implement at a low level, but can be described at a high level as using a NIST KDF.
Complete with a C2SP spec, extensive test vectors, Go and OpenSSL reference code, and an alternatives section.
https://words.filippo.io/xaes-256-gcm/?source=Mastodon

Published at 2024-06-26 14:32:34

Event JSON
{
  "id": "dc87ccc31af12cb8c6d33ad018f4767c65b23ca7b87dff7e14379124f9e4602a",
  "pubkey": "75c4441558d260c0ca589ce8fa89fd5052eccf0b09fca823796810a986ad1c8e",
  "created_at": 1719412354,
  "kind": 1,
  "tags": [
    [
      "proxy",
      "https://abyssdomain.expert/users/filippo/statuses/112683408076495639",
      "activitypub"
    ]
  ],
  "content": "Last year I wrote that “I want to use XAES-256-GCM, which has a number of nice properties and only the annoying defect of not existing.” Well, here we go.\n\nA new extended-nonce AEAD designed for high-level APIs with random nonces and FIPS 140 compliance.\n\nIt's easy to describe and implement at a low level, but can be described at a high level as using a NIST KDF.\n\nComplete of a C2SP spec, extensive test vectors, Go and OpenSSL reference code, and an alternatives section.\n\nhttps://words.filippo.io/xaes-256-gcm/?source=Mastodon",
  "sig": "7eab7262d7924381d24295d49c577f45dc0b854a06811041e99e7fd125e849ca2bb5378e45263a6cca0a76c4528c98a53b89cfb634cf84ea47fa0e62410da460"
}