> Does anything break by extending CryptoPP::GCM by a resynchronize method
> which does not change the iv, like:
>
> class CtrNonceGCMEncryption : public CryptoPP::GCM<CryptoPP::AES>::Encryption {
> public:
>     void Resynchronize() { m_state = State_IVSet; }
> };
>
> and using this method instead (as well as in Decryption)? This would save
> on random nonce generation and transmission.
>
Sorry to dig up an old thread...
There _can_ be another small risk when using GCM mode. I learned about it
when researching non-constant time increment functions. For information on
it, see "Should Increment functions be near-constant time?",
http://crypto.stackexchange.com/q/30261/10496.
I looked at the library's GCM code, and we might want to place a mitigation.
Jeff
--
You received this message because you are subscribed to the "Crypto++ Users"
Google Group.
To unsubscribe, send an email to [email protected].
More information about Crypto++ and this group is available at
http://www.cryptopp.com.
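The risk Jeff raises is that a counter increment whose running time depends on the counter value (a loop that stops at the first byte that does not carry) leaks how many trailing 0xFF bytes the block held. The following is an added example, not Crypto++ code and not from anyone in the thread, that puts such an early-exit increment beside a constant-time variant that always processes every byte and computes the carry arithmetically. The `gcm_inc32_ct` wrapper applies it the way GCM's inc32 is defined in NIST SP 800-38D, to the rightmost 32 bits of the 16-byte counter block only; all function names and the sample counter values are my own.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>

// Big-endian increment that stops at the first byte that does not carry.
// It returns how many bytes it touched, which is what a timing observer
// would indirectly learn: 1 for most counters, more when trailing bytes are 0xFF.
size_t increment_be_early_exit(uint8_t *buf, size_t len) {
    size_t touched = 0;
    for (size_t i = len; i-- > 0;) {
        ++touched;
        if (++buf[i] != 0) break;   // no carry out of this byte: stop early
    }
    return touched;
}

// Constant-time increment: every byte is processed on every call and the
// carry is derived arithmetically, with no data-dependent branch or exit.
void increment_be_ct(uint8_t *buf, size_t len) {
    unsigned carry = 1;
    for (size_t i = len; i-- > 0;) {
        unsigned sum = static_cast<unsigned>(buf[i]) + carry;
        buf[i] = static_cast<uint8_t>(sum);
        carry = sum >> 8;           // 1 only if this byte wrapped to 0
    }
}

// GCM inc32 (NIST SP 800-38D): only the rightmost 32 bits of the counter
// block advance, modulo 2^32; the 96-bit nonce portion must stay untouched.
void gcm_inc32_ct(uint8_t block[16]) {
    increment_be_ct(block + 12, 4);
}

void write_be32(uint8_t *p, uint32_t v) {
    p[0] = uint8_t(v >> 24); p[1] = uint8_t(v >> 16);
    p[2] = uint8_t(v >> 8);  p[3] = uint8_t(v);
}

uint32_t read_be32(const uint8_t *p) {
    return (uint32_t(p[0]) << 24) | (uint32_t(p[1]) << 16) |
           (uint32_t(p[2]) << 8)  |  uint32_t(p[3]);
}

// How many bytes the early-exit variant touches for a given 32-bit counter.
size_t touched_by_early_exit(uint32_t value) {
    uint8_t c[4];
    write_be32(c, value);
    return increment_be_early_exit(c, 4);
}

// Result of the constant-time inc32 on a block whose low 32 bits hold `value`.
uint32_t inc32_ct_result(uint32_t value) {
    uint8_t blk[16];
    std::memset(blk, 0xAB, 12);     // constructed nonce bytes
    write_be32(blk + 12, value);
    gcm_inc32_ct(blk);
    return read_be32(blk + 12);
}

// The nonce portion must survive a wrap of the low 32 bits unchanged.
bool nonce_part_preserved_on_wrap() {
    uint8_t blk[16];
    std::memset(blk, 0xAB, 12);
    write_be32(blk + 12, 0xFFFFFFFFu);
    gcm_inc32_ct(blk);
    for (int i = 0; i < 12; ++i)
        if (blk[i] != 0xAB) return false;
    return read_be32(blk + 12) == 0;
}

// Both variants must yield identical counters step after step, including
// across the 32-bit wrap; the constant-time version changes timing, not values.
bool variants_agree(uint32_t start, unsigned steps) {
    uint8_t a[16], b[16];
    std::memset(a, 0xAB, 12);
    std::memset(b, 0xAB, 12);
    write_be32(a + 12, start);
    write_be32(b + 12, start);
    for (unsigned s = 0; s < steps; ++s) {
        increment_be_early_exit(a + 12, 4);
        gcm_inc32_ct(b);
        if (std::memcmp(a, b, 16) != 0) return false;
    }
    return true;
}

int main() {
    std::printf("early-exit touches %zu byte(s) for 00000000\n", touched_by_early_exit(0x00000000u));
    std::printf("early-exit touches %zu byte(s) for 0000FFFF\n", touched_by_early_exit(0x0000FFFFu));
    std::printf("constant-time inc32 of FFFFFFFF -> %08x\n", inc32_ct_result(0xFFFFFFFFu));
    std::printf("variants agree across wrap: %s\n", variants_agree(0xFFFFFFF0u, 32) ? "yes" : "no");
    return 0;
}
```

The early-exit loop is the pattern to look for when auditing counter code: its iteration count is a function of secret-adjacent state. The constant-time version costs four byte operations per call regardless of input, which is negligible next to the block cipher call it precedes.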