Open newpavlov opened 4 years ago
xsalsa20poly1305 could benefit from this, as it doesn't support AAD.
libInterMAC provides a reference implementation for transforming AEADs into algorithms with strong security in the presence of ciphertext fragmentation https://tosc.iacr.org/index.php/ToSC/article/view/7397. This algorithm would benefit from these traits, because associated data cannot be allowed by the algorithm, otherwise it would be trivially broken in BH-sfCFA. From an API perspective this algorithm looks like authenticated encryption without associated data.
Currently we don't have traits/types for authenticated encryption (without associated data). We could implement EtM, E&M and MtE constructs generically over stream ciphers/block modes and MACs. But it's not clear if we should follow block-modes here and add implementations and traits into a single crate, or add AE trait(s) to the aead crate.
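As an added illustration of the trait shape under discussion (this is example code written for this page, not RustCrypto's code, and the StreamCipher, Mac and Ae trait signatures are assumptions, not the real cipher/crypto-mac/aead APIs): an Ae trait with encrypt/decrypt and no associated-data parameter, plus an Encrypt-then-MAC composition that is generic over any StreamCipher + Mac pair and verifies the tag in constant time before the keystream is ever applied. The ToyStream and ToyMac types at the bottom are insecure placeholders that exist only so the file compiles and runs stand-alone.

```rust
// Added example, not RustCrypto code. Trait shapes below are assumptions for illustration.
use std::marker::PhantomData;

/// Stand-in for a stream-cipher trait (assumed shape, not the real `cipher` crate API).
pub trait StreamCipher {
    fn new(key: &[u8], nonce: &[u8]) -> Self;
    fn apply_keystream(&mut self, buf: &mut [u8]);
}

/// Stand-in for a MAC trait (assumed shape, not the real `crypto-mac` crate API).
pub trait Mac {
    const TAG_LEN: usize;
    fn new(key: &[u8]) -> Self;
    fn update(&mut self, data: &[u8]);
    fn finalize(self) -> Vec<u8>;
}

/// Opaque failure: the caller learns only that authentication failed.
#[derive(Debug, PartialEq, Eq)]
pub struct AuthError;

/// Authenticated encryption *without* associated data: the trait the issue asks for.
pub trait Ae {
    fn encrypt(&self, nonce: &[u8], plaintext: &[u8]) -> Vec<u8>;
    fn decrypt(&self, nonce: &[u8], ciphertext: &[u8]) -> Result<Vec<u8>, AuthError>;
}

/// Encrypt-then-MAC, generic over the cipher and MAC, with independent keys for each.
pub struct EtM<C, M> {
    enc_key: Vec<u8>,
    mac_key: Vec<u8>,
    _c: PhantomData<C>,
    _m: PhantomData<M>,
}

impl<C: StreamCipher, M: Mac> EtM<C, M> {
    pub fn new(enc_key: &[u8], mac_key: &[u8]) -> Self {
        EtM { enc_key: enc_key.to_vec(), mac_key: mac_key.to_vec(), _c: PhantomData, _m: PhantomData }
    }

    /// Tag covers nonce || ciphertext body so a nonce swap is also detected.
    fn tag(&self, nonce: &[u8], body: &[u8]) -> Vec<u8> {
        let mut mac = M::new(&self.mac_key);
        mac.update(nonce);
        mac.update(body);
        mac.finalize()
    }
}

/// Constant-time equality: OR-fold over XORed bytes, no early exit on first mismatch.
pub fn ct_eq(a: &[u8], b: &[u8]) -> bool {
    if a.len() != b.len() {
        return false;
    }
    a.iter().zip(b).fold(0u8, |acc, (x, y)| acc | (x ^ y)) == 0
}

impl<C: StreamCipher, M: Mac> Ae for EtM<C, M> {
    fn encrypt(&self, nonce: &[u8], plaintext: &[u8]) -> Vec<u8> {
        let mut buf = plaintext.to_vec();
        C::new(&self.enc_key, nonce).apply_keystream(&mut buf);
        let tag = self.tag(nonce, &buf);
        buf.extend_from_slice(&tag);
        buf
    }

    fn decrypt(&self, nonce: &[u8], ciphertext: &[u8]) -> Result<Vec<u8>, AuthError> {
        if ciphertext.len() < M::TAG_LEN {
            return Err(AuthError);
        }
        let (body, tag) = ciphertext.split_at(ciphertext.len() - M::TAG_LEN);
        // Verify first: on failure no keystream is generated and no plaintext is produced.
        if !ct_eq(&self.tag(nonce, body), tag) {
            return Err(AuthError);
        }
        let mut buf = body.to_vec();
        C::new(&self.enc_key, nonce).apply_keystream(&mut buf);
        Ok(buf)
    }
}

// ---- toy primitives: INSECURE placeholders, present only so the example runs offline ----
fn mix(seed: u64, bytes: &[u8]) -> u64 {
    bytes.iter().fold(seed, |h, &b| (h ^ u64::from(b)).wrapping_mul(0x100_0000_01b3))
}

pub struct ToyStream { state: u64 }
impl StreamCipher for ToyStream {
    fn new(key: &[u8], nonce: &[u8]) -> Self {
        ToyStream { state: mix(mix(0xcbf2_9ce4_8422_2325, key), nonce) | 1 }
    }
    fn apply_keystream(&mut self, buf: &mut [u8]) {
        for b in buf {
            self.state ^= self.state << 13;
            self.state ^= self.state >> 7;
            self.state ^= self.state << 17;
            *b ^= self.state as u8;
        }
    }
}

pub struct ToyMac { h: u64 }
impl Mac for ToyMac {
    const TAG_LEN: usize = 8;
    fn new(key: &[u8]) -> Self { ToyMac { h: mix(0xcbf2_9ce4_8422_2325, key) } }
    fn update(&mut self, data: &[u8]) {
        self.h = mix(self.h, &(data.len() as u64).to_le_bytes()); // length-prefix each chunk
        self.h = mix(self.h, data);
    }
    fn finalize(self) -> Vec<u8> { self.h.to_le_bytes().to_vec() }
}

pub type ToyEtM = EtM<ToyStream, ToyMac>;

fn main() {
    let ae = ToyEtM::new(b"enc-key", b"mac-key");
    let ct = ae.encrypt(b"nonce-01", b"hello etm");
    println!("ok={:?} tampered={:?}", ae.decrypt(b"nonce-01", &ct).is_ok(), {
        let mut bad = ct.clone(); bad[0] ^= 1; ae.decrypt(b"nonce-01", &bad)
    });
}
```

The point of the shape is that the trait carries no associated-data argument at all, which is what an InterMAC-style construction needs; an implementation that wants AAD would instead implement the existing aead trait.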