Usage Limits on AEAD Algorithms
draft-irtf-cfrg-aead-limits-03
| Document | Type |
This is an older version of an Internet-Draft whose latest revision state is "Active".
Expired & archived
|
|
|---|---|---|---|
| Authors | Felix Günther , Martin Thomson , Christopher A. Wood | ||
| Last updated | 2022-01-13 (Latest revision 2021-07-12) | ||
| Replaces | draft-wood-cfrg-aead-limits | ||
| RFC stream | Internet Research Task Force (IRTF) | ||
| Formats | |||
| Additional resources | Mailing list discussion | ||
| Stream | IRTF state | Active RG Document | |
| Consensus boilerplate | Unknown | ||
| Document shepherd | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
An Authenticated Encryption with Associated Data (AEAD) algorithm provides confidentiality and integrity. Excessive use of the same key can give an attacker advantages in breaking these properties. This document provides simple guidance for users of common AEAD functions about how to limit the use of keys in order to bound the advantage given to an attacker. It considers limits in both single- and multi-key settings.
Authors
Felix Günther
Martin Thomson
Christopher A. Wood
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)