diff options
author | cyfraeviolae <cyfraeviolae> | 2022-08-24 16:21:17 -0400 |
---|---|---|
committer | cyfraeviolae <cyfraeviolae> | 2022-08-24 16:21:17 -0400 |
commit | 7872bbcaf421bbb2fd3ab5fb1283e9cb8282a02f (patch) | |
tree | 0505be1597733b12825096c5437c2aa9a55d070a /templates/index.html | |
parent | f649ba59fe194ef169881579138023ec1493a254 (diff) |
work
Diffstat (limited to 'templates/index.html')
-rw-r--r-- | templates/index.html | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/templates/index.html b/templates/index.html index fdcddd8..baf6a6d 100644 --- a/templates/index.html +++ b/templates/index.html @@ -18,11 +18,13 @@ <div class="crumbs"> <a href="/git/forbidden-salamanders">source code</a> <span class="sep"> · </span> - <a href="/forbidden-salamanders/nonce-reuse">aes-gcm nonce reuse</a> + <a href="/forbidden-salamanders/nonce-reuse">nonce reuse</a> + <!-- <span class="sep"> · </span> - <a href="/forbidden-salamanders/nonce-truncation">aes-gcm nonce truncation</a> + <a href="/forbidden-salamanders/nonce-truncation">nonce truncation</a> <span class="sep"> · </span> - <a href="/forbidden-salamanders/key-commitment">aes-gcm key commitment</a> + <a href="/forbidden-salamanders/key-commitment">key commitment</a> + --> </div> </div> <p> @@ -37,9 +39,10 @@ <p> <strong><a href="/forbidden-salamanders/nonce-reuse">Nonce reuse</a>.</strong> Due to rising entropy prices, Roseacrucis has - started to reuse nonces. You must perform the Forbidden Attack in order to + started to reuse AES-GCM nonces. You must perform the Forbidden Attack in order to recover the authentication key and forge arbitrary ciphertext. </p> + <!-- <p> <strong><a href="#">Nonce truncation</a>.</strong> The sorcerer aims to conserve bandwidth by truncating nonces from twelve bytes @@ -54,6 +57,7 @@ Library that decrypt to confidential information under one key, but innocuous banter under another. </p> + --> <br> <details> <summary> @@ -64,6 +68,7 @@ AES-GCM is a block cipher that accepts a key of 16 bytes, a nonce of 12 bytes, plaintext, and additional authenticated data. It returns ciphertext and a message authentication code (MAC). + The construction is <a href="https://csrc.nist.gov/publications/detail/sp/800-38d/final">specified by NIST</a>. </p> <p> The ciphertext is computed as in <a href="https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Counter_(CTR)">counter mode</a>, whereas the MAC is computed using the algorithm GMAC. |