I've actually just asked similar question: https://github.com/dint-dev/cryptography/issues/125 (cryptography package for Flutter), but since this package uses PointyCastle there is a chance things may be different.
Basically, I am looking to decrypt the AES-GCM stream on the fly and still perform the authentication after the whole stream is read. Is that possible with this library?
Whilst it has certain security risks, it is certainly possible from a protocol perspective (see example Python code: https://trinket.io/python3/445dfc8d86 - sometimes run button needs to be clicked couple times for the "crypto" imports to be loaded correctly)
Second question is how does one go about encrypting big file, e.g. 10GB video (which is perfectly fine from an AES-GCM security perspective, as way <64GB limit) without facing any memory issues?
If it turns out be difficult to achieve streaming with the current state of Dart libraries, I would consider switching to different cipher, since I have flexibility to decide at this point.
I've noticed that whereas GCMBlockCipher extends BaseAEADBlockCipher, the ChaCha20Poly1305 extends BaseAEADCipher which has additional doFinal method which I hope brings me closer to performing encryption/decryption in chunks and then running verification/authentication at the end.
Can you help me to identify if there are any ways to achieve streaming using any authenticated protocol whether AES or ChaCha20?
I've actually just asked similar question: https://github.com/dint-dev/cryptography/issues/125 (
cryptography
package for Flutter), but since this package uses PointyCastle there is a chance things may be different.Basically, I am looking to decrypt the AES-GCM stream on the fly and still perform the authentication after the whole stream is read. Is that possible with this library? Whilst it has certain security risks, it is certainly possible from a protocol perspective (see example Python code: https://trinket.io/python3/445dfc8d86 - sometimes run button needs to be clicked couple times for the "crypto" imports to be loaded correctly)
Second question is how does one go about encrypting big file, e.g. 10GB video (which is perfectly fine from an AES-GCM security perspective, as way <64GB limit) without facing any memory issues?
If it turns out be difficult to achieve streaming with the current state of Dart libraries, I would consider switching to different cipher, since I have flexibility to decide at this point. I've noticed that whereas
GCMBlockCipher
extendsBaseAEADBlockCipher
, theChaCha20Poly1305
extendsBaseAEADCipher
which has additionaldoFinal
method which I hope brings me closer to performing encryption/decryption in chunks and then running verification/authentication at the end.Can you help me to identify if there are any ways to achieve streaming using any authenticated protocol whether AES or ChaCha20?