Re: [cryptopp-users] Re: ECIES with no HMAC

2019-07-01 Thread Jeffrey Walton
On Mon, Jul 1, 2019 at 7:15 PM Uri Blumenthal wrote: > > Hopefully it will not impact BouncyCastle interoperability. Now - also Botan > interoperability. Yeah, looking at the ECIES tests, it looks like pairwise consistency - generate a key and then round trip some plaintext. I think we should

Re: [cryptopp-users] Re: ECIES with no HMAC

2019-07-01 Thread Uri Blumenthal
Hopefully it will not impact BouncyCastle interoperability. Now - also Botan interoperability. Sent from my test iPhone > On Jul 1, 2019, at 19:00, Jeffrey Walton wrote: > > > >> On Monday, July 1, 2019 at 6:48:57 PM UTC-4, Mouse wrote: >> If memory serves, ECIES standard required

Re: [cryptopp-users] Re: ECIES with no HMAC

2019-07-01 Thread Jeffrey Walton
On Monday, July 1, 2019 at 6:48:57 PM UTC-4, Mouse wrote: > > If memory serves, ECIES standard required ^authenticated* encryption. That > means - null hash wasn't allowed. > > Besides, there's Moxy Marlinspike principle: "If you don't enforce > integrity, sooner or later you'll lose

Re: [cryptopp-users] Re: ECIES with no HMAC

2019-07-01 Thread Uri Blumenthal
If memory serves, ECIES standard required ^authenticated* encryption. That means - null hash wasn't allowed. Besides, there's Moxy Marlinspike principle: "If you don't enforce integrity, sooner or later you'll lose confidentiality as well." Having said that, I don't recall why that particular

Re: [cryptopp-users] Re: ECIES with no HMAC

2019-07-01 Thread Jeffrey Walton
On Monday, July 1, 2019 at 5:53:45 PM UTC-4, Jeffrey Walton wrote: > > On Mon, Jul 1, 2019 at 5:38 PM Andrew Wason wrote: > > > > On Monday, July 1, 2019 at 2:51:39 PM UTC-4, Jeffrey Walton wrote: > >> > >> > >> I think this may have something to do with >

Re: [cryptopp-users] Re: ECIES with no HMAC

2019-07-01 Thread Jeffrey Walton
On Mon, Jul 1, 2019 at 5:38 PM Andrew Wason wrote: > > On Monday, July 1, 2019 at 2:51:39 PM UTC-4, Jeffrey Walton wrote: >> >> >> I think this may have something to do with >> https://cryptopp.com/wiki/Elliptic_Curve_Integrated_Encryption_Scheme#Bouncy_Castle_Patch >> . That section needs to

[cryptopp-users] Re: ECIES with no HMAC

2019-07-01 Thread Andrew Wason
On Monday, July 1, 2019 at 2:51:39 PM UTC-4, Jeffrey Walton wrote: > > > I think this may have something to do with > https://cryptopp.com/wiki/Elliptic_Curve_Integrated_Encryption_Scheme#Bouncy_Castle_Patch > > . That section needs to clearly state when the change occirs but it does > not.

[cryptopp-users] Re: ECIES with no HMAC

2019-07-01 Thread Jeffrey Walton
On Monday, July 1, 2019 at 2:07:06 PM UTC-4, Andrew Wason wrote: > > We have been using the code below with libcrypto++6 on Ubuntu for years. > It uses a custom NULLHash implementation to reduce the size of the final > ciphertext since we are not concerned with message integrity. > > I