octoleo/restic
2
2
Fork 0
mirror of https://github.com/octoleo/restic.git synced 2024-12-22 10:58:55 +00:00
Code Issues Releases Wiki Activity

Clarify ciphertext mac

Browse Source
This commit is contained in:
Alexander Neumann 2015-03-22 21:29:19 +01:00
parent 02282a4fff
commit 2dad4fba3a
1 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
doc/Design.md
View File

@ -79,8 +79,9 @@ a random nonce. This is used both as the IV for counter mode and the nonce for
Poly1305. This operation needs three keys: A 32 byte for AES-256 for Poly1305. This operation needs three keys: A 32 byte for AES-256 for
encryption, a 16 byte AES key and a 16 byte key for Poly1305. For details see encryption, a 16 byte AES key and a 16 byte key for Poly1305. For details see
the original paper[The Poly1305-AES message-authentication the original paper[The Poly1305-AES message-authentication
code](http://cr.yp.to/mac/poly1305-20050329.pdf) by Dan Bernstein. The code](http://cr.yp.to/mac/poly1305-20050329.pdf) by Dan Bernstein.
ciphertext is stored as IV || CIPHERTEXT || MAC. The data is then encrypted with AES-256 and afterwards the MAC is computed over
the ciphertext, everything is then stored as IV || CIPHERTEXT || MAC.
The directory `keys` contains key files. These are simple JSON documents which The directory `keys` contains key files. These are simple JSON documents which
contain all data that is needed to derive the repository's master signing and contain all data that is needed to derive the repository's master signing and