Module tink_streaming_aead::subtle::noncebased
Provides a reusable streaming AEAD framework.
It handles the segment-processing portions of the nonce-based online encryption scheme proposed in "Online Authenticated-Encryption and its Nonce-Reuse Misuse-Resistance" by Hoang, Reyhanitabar, Rogaway and Vizár (https://eprint.iacr.org/2015/189.pdf).
In this scheme, the format of a ciphertext is:
header || segment_0 || segment_1 || ... || segment_k.
The format of header is:
header_length || salt || nonce_prefix
header_length is 1 byte that records the size of the header and can be obtained via header_length(). In principle, header_length is redundant information, since the length of the header can be determined from the key size.
salt is a salt used in the key derivation.
nonce_prefix is a prefix for all per-segment nonces.
segment_i is the i-th segment of the ciphertext. The size of segment_1 .. segment_{k-1} is ciphertext_segment_size. segment_0 is shorter, so that segment_0 plus additional data of size first_ciphertext_segment_offset (e.g. the header) aligns with ciphertext_segment_size.
The first segment size will be:
ciphertext_segment_size - header_length() - first_ciphertext_segment_offset.
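The layout above, worked through as an added example (not code from tink-rust): it splits the header and computes the byte range of every segment. The names `parse_header`, `segment_ranges` and `salt_len`, and the sample sizes (16-byte salt, 7-byte nonce prefix, 64-byte segments), are assumptions made for illustration.

```rust
/// Borrowed view of `header_length || salt || nonce_prefix`.
#[derive(Debug, PartialEq)]
pub struct Header<'a> {
    pub salt: &'a [u8],
    pub nonce_prefix: &'a [u8],
}

/// Split the header; `salt_len` is a caller-supplied assumption (it follows from the key size).
pub fn parse_header(ct: &[u8], salt_len: usize) -> Result<Header<'_>, &'static str> {
    let header_len = *ct.first().ok_or("empty ciphertext")? as usize;
    if header_len < 1 + salt_len || ct.len() < header_len {
        return Err("header_length byte inconsistent with input");
    }
    Ok(Header { salt: &ct[1..1 + salt_len], nonce_prefix: &ct[1 + salt_len..header_len] })
}

/// Byte ranges `(start, end)` of segment_0 .. segment_k in a ciphertext of `total_len` bytes.
pub fn segment_ranges(
    total_len: usize,
    header_len: usize,
    ciphertext_segment_size: usize,
    first_ciphertext_segment_offset: usize,
) -> Result<Vec<(usize, usize)>, &'static str> {
    // First segment: ciphertext_segment_size - header_length() - first_ciphertext_segment_offset
    let first = ciphertext_segment_size
        .checked_sub(header_len)
        .and_then(|n| n.checked_sub(first_ciphertext_segment_offset))
        .filter(|n| *n > 0)
        .ok_or("segment size too small for header and offset")?;
    if total_len <= header_len {
        return Err("no segment data after header");
    }
    let (mut ranges, mut start, mut size) = (Vec::new(), header_len, first);
    while start < total_len {
        let end = start.saturating_add(size).min(total_len);
        ranges.push((start, end));
        start = end;
        size = ciphertext_segment_size; // later segments are full size; only the last may be short
    }
    Ok(ranges)
}

fn main() {
    // Constructed input: header_length = 24, then salt, nonce prefix and 114 bytes of segments.
    let ct = [&[24u8][..], &[0xAAu8; 16][..], &[0xBBu8; 7][..], &[0u8; 114][..]].concat();
    println!("{:?}", parse_header(&ct, 16).map(|h| h.nonce_prefix.len()));
    println!("{:?}", segment_ranges(ct.len(), 24, 64, 0));
}
```

Rejecting a segment size that leaves no room for segment_0, or an input that ends at the header, is this helper's own choice for malformed input rather than behaviour stated on the page.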
Structs
Reader
ReaderParams
Writer
WriterParams

Traits
SegmentDecrypter
SegmentEncrypter