diff options
author | Damien Miller <djm@mindrot.org> | 2013-12-05 10:22:57 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2013-12-05 10:22:57 +1100 |
commit | 114e540b15d57618f9ebf624264298f80bbd8c77 (patch) | |
tree | 413e91a3ab8ba326342c0e630e53a2623d2e0a23 /PROTOCOL.chacha20poly1305 | |
parent | e4870c090629e32f2cb649dc16d575eeb693f4a8 (diff) |
- djm@cvs.openbsd.org 2013/12/02 02:50:27
[PROTOCOL.chacha20poly1305]
typo; from Jon Cave
Diffstat (limited to 'PROTOCOL.chacha20poly1305')
-rw-r--r-- | PROTOCOL.chacha20poly1305 | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/PROTOCOL.chacha20poly1305 b/PROTOCOL.chacha20poly1305 index c4b723aff..9cf73a926 100644 --- a/PROTOCOL.chacha20poly1305 +++ b/PROTOCOL.chacha20poly1305 | |||
@@ -47,7 +47,7 @@ cipher by decrypting and using the packet length prior to checking | |||
47 | the MAC. By using an independently-keyed cipher instance to encrypt the | 47 | the MAC. By using an independently-keyed cipher instance to encrypt the |
48 | length, an active attacker seeking to exploit the packet input handling | 48 | length, an active attacker seeking to exploit the packet input handling |
49 | as a decryption oracle can learn nothing about the payload contents or | 49 | as a decryption oracle can learn nothing about the payload contents or |
50 | its MAC (assuming key derivation, ChaCha20 and Poly1306 are secure). | 50 | its MAC (assuming key derivation, ChaCha20 and Poly1305 are secure). |
51 | 51 | ||
52 | The AEAD is constructed as follows: for each packet, generate a Poly1305 | 52 | The AEAD is constructed as follows: for each packet, generate a Poly1305 |
53 | key by taking the first 256 bits of ChaCha20 stream output generated | 53 | key by taking the first 256 bits of ChaCha20 stream output generated |
@@ -101,5 +101,5 @@ References | |||
101 | [3] "ChaCha20 and Poly1305 based Cipher Suites for TLS", Adam Langley | 101 | [3] "ChaCha20 and Poly1305 based Cipher Suites for TLS", Adam Langley |
102 | http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 | 102 | http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03 |
103 | 103 | ||
104 | $OpenBSD: PROTOCOL.chacha20poly1305,v 1.1 2013/11/21 00:45:43 djm Exp $ | 104 | $OpenBSD: PROTOCOL.chacha20poly1305,v 1.2 2013/12/02 02:50:27 djm Exp $ |
105 | 105 | ||