AES-GCM and AEAD Protected Data Packet (IETF draft)
Tankred Hase
mail at tankredhase.de
Wed Mar 23 03:20:24 CET 2016
Hi,
I’ve implemented initial support for AES-GCM in OpenPGP.js using the IETF draft for authenticated encryption:
https://tools.ietf.org/html/draft-ford-openpgp-format-00
I’ve created a pull request on GitHub for the implementation. The specification leaves quite a bit of wiggle room and I’ve listed my thoughts here:
https://github.com/openpgpjs/openpgpjs/pull/430
I’ve already contacted the specification author to give feedback, but being the most widely adopted OpenPGP implementation out there, I also wanted to get the GnuPG community's thoughts. Making GCM the new standard mode for symmetric encryption would give us a modern and performant alternative to OpenPGP's CFB mode. Especially with regards to the WebCrypto api, where GCM is natively supported, but not CFB (currently marked as a 'WontFix' in the chromium bug tracker):
https://www.chromium.org/blink/webcrypto#TOC-Supported-algorithms-as-of-Chrome-46-
Together will ECC asymmetric encryption, GCM should give OpenPGP a modern cipher suite supported natively in browsers. This will hopefully also allow the community to deprecate some older crypto down the road. Looking forward to your feedback.
Thanks,
Tankred
P.S. Just for reference, here are the GitHub issues tracking ECC in OpenPGP.js. We have not started implementing them, but the plan is to move ahead after GCM is merged:
https://github.com/openpgpjs/openpgpjs/issues/427
https://github.com/openpgpjs/openpgpjs/issues/428
More information about the Gnupg-users
mailing list