From: Eric Biggers <ebiggers@kernel.org>
To: linux-crypto@vger.kernel.org, Herbert Xu <herbert@gondor.apana.org.au>
Cc: "Jason A . Donenfeld" <Jason@zx2c4.com>,
	Greg Kaiser <gkaiser@google.com>,
	Tomer Ashur <tomer.ashur@esat.kuleuven.be>,
	Samuel Neves <samuel.c.p.neves@gmail.com>,
	linux-kernel@vger.kernel.org, linux-fscrypt@vger.kernel.org,
	linux-arm-kernel@lists.infradead.org,
	Paul Crowley <paulcrowley@google.com>
Subject: Re: [PATCH v4 00/14] crypto: Adiantum support
Date: Fri, 30 Nov 2018 09:58:03 -0800
Message-ID: <20181130175802.GB135453@gmail.com>
In-Reply-To: <20181117012631.23528-1-ebiggers@kernel.org>

On Fri, Nov 16, 2018 at 05:26:17PM -0800, Eric Biggers wrote:
> 
> Therefore, we (well, Paul Crowley did the real work) designed a new
> encryption mode, Adiantum.  In essence, Adiantum makes it secure to use
> the ChaCha stream cipher for disk encryption.  Adiantum is specified by
> our paper here: https://eprint.iacr.org/2018/720.pdf ("Adiantum:
> length-preserving encryption for entry-level processors").  Reference
> code and test vectors are here: https://github.com/google/adiantum.
> Most of the high-level concepts of Adiantum are not new; similar
> existing modes include XCB, HCTR, and HCH.  Adiantum and these modes are
> true wide-block modes (tweakable super-pseudorandom permutations), so
> they actually provide a stronger notion of security than XTS.
> 

In case anyone is interested: Paul and I have made some improvements to the
Adiantum paper and have updated the preprint at the above link.  The algorithm
is still the same, but explanations have been improved and the proof has been
redone using a different technique that is easier to follow.  It also matches
the version that will be published in IACR Transactions on Symmetric Cryptology
(ToSC) Volume 2018 Issue 4.

All versions of our paper can be found at https://eprint.iacr.org/2018/720, and
the .tex source is at https://github.com/google/adiantum/tree/master/specification.

- Eric
