[PATCH] Add CMAC mode (Cipher-based MAC)

Werner Koch wk at gnupg.org
Thu Nov 7 08:59:12 CET 2013


On Thu, 31 Oct 2013 23:16, dbaryshkov at gmail.com said:

> Maybe we should just converge gcry_md_* and gcry_cipher_* spaces?

I would propose to add gcry_mac_* instead.  For a user of the library it
is easier to use a dedicated set of functions for MACing than to figure
out the right way to do this with gcry_cipher or gcry_md.  When I added
HMAC (for my ssh implementation), I considered this but given that back
then there was only one MAC in practical use, I used the hack with the
HMAC flag.

Now with several MAC algorithms in practical use a dedicated set of
MACing functions might be useful.  It still does not solve technical
problems but it will be easy to explain and in the long run easier to
maintain.

Right, authenticated encryption is still separate and I can't see an
easy way on how to merge that without giving up a clear separation
between the functional blocks.  Eventually we will add a buffering layer
on top of the existing functions which could then be used to do
MAC+encrypt or encrypt+MAC in the various protocol dependent forms
(e.g. for OpenPGP CFB plus a SHA-1 MDC).  But this is orthogonal to the
existing building blocks.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.
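The thread proposes a dedicated MAC interface (open/setkey/write/read style) with CMAC as the first new mode. The following is an added illustration, not code from libgcrypt or from the thread: it implements CMAC (NIST SP 800-38B / RFC 4493) over a pluggable 16-byte block cipher, with the GF(2^128) subkey doubling, the K1/K2 last-block handling and a small write/read object that buffers the trailing block the way a streaming MAC interface must. The `Cmac` class, `derive_subkeys`, `cmac` and the `toy_block_cipher` stand-in are all hypothetical names chosen here; the stand-in cipher is a constructed bijection with no security value, used only so the example runs offline. The subkey derivation is checked against the L/K1/K2 values from the RFC 4493 AES-128 test vector.

```python
"""CMAC over a pluggable block cipher, shaped like a dedicated MAC interface.

Added example (not libgcrypt code). The block cipher is passed in as a
callable `encrypt_block(16 bytes) -> 16 bytes`; with a real AES it would
be AES-CMAC. `toy_block_cipher` is a CONSTRUCTED placeholder, not secure.
"""

BLOCK = 16
RB = 0x87  # reduction constant for the 128-bit block size (SP 800-38B)
MASK = (1 << (8 * BLOCK)) - 1


def _double(block: bytes) -> bytes:
    """Multiply by x in GF(2^128): shift left one bit, XOR Rb on carry-out."""
    n = int.from_bytes(block, "big") << 1
    if n >> (8 * BLOCK):
        n ^= RB
    return (n & MASK).to_bytes(BLOCK, "big")


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def derive_subkeys(encrypt_block):
    """K1 = double(E_K(0^128)), K2 = double(K1); this is the `setkey` step."""
    L = encrypt_block(bytes(BLOCK))
    k1 = _double(L)
    k2 = _double(k1)
    return k1, k2


class Cmac:
    """Streaming CMAC: setkey on construction, write() any number of times, read() once."""

    def __init__(self, encrypt_block):
        self.enc = encrypt_block
        self.k1, self.k2 = derive_subkeys(encrypt_block)
        self.state = bytes(BLOCK)  # CBC chaining value, starts at zero
        self.buf = b""             # unprocessed tail, at most one block

    def write(self, data: bytes):
        self.buf += data
        # The final block needs K1/K2, so always hold back at least one
        # (possibly full) block until read() decides which case applies.
        while len(self.buf) > BLOCK:
            self.state = self.enc(_xor(self.state, self.buf[:BLOCK]))
            self.buf = self.buf[BLOCK:]
        return self

    def read(self) -> bytes:
        if len(self.buf) == BLOCK:
            # complete final block: XOR with K1, no padding
            last = _xor(self.buf, self.k1)
        else:
            # partial (or empty) final block: pad 10...0 and XOR with K2
            padded = self.buf + b"\x80" + bytes(BLOCK - len(self.buf) - 1)
            last = _xor(padded, self.k2)
        return self.enc(_xor(self.state, last))


def cmac(encrypt_block, msg: bytes) -> bytes:
    """One-shot convenience wrapper around the streaming object."""
    return Cmac(encrypt_block).write(msg).read()


def toy_block_cipher(key: bytes):
    """CONSTRUCTED stand-in for AES: a keyed bijection on 16-byte blocks.

    It only exists so the CMAC structure can be exercised without a crypto
    library; it provides no security whatsoever.
    """
    if len(key) != BLOCK:
        raise ValueError("key must be 16 bytes")

    def enc(block: bytes) -> bytes:
        x = _xor(block, key)
        return x[5:] + x[:5]  # byte rotation keeps it a bijection
    return enc


if __name__ == "__main__":
    enc = toy_block_cipher(bytes(range(16)))
    print(cmac(enc, b"The quick brown fox jumps over the lazy dog").hex())
```

Plugging in a real AES-128 encrypt function for `encrypt_block` turns this into AES-CMAC; the subkey, padding and chaining logic is unchanged, which is exactly why a MAC layer can sit on top of the existing cipher building blocks rather than inside them.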
