Home | Trees | Indices | Help |
|
---|
|
object --+ | EaxMode
EAX mode.
This is an Authenticated Encryption with Associated Data (AEAD) mode. It provides both confidentiality and authenticity.
The header of the message may be left in the clear, if needed, and it will still be subject to authentication.
The decryption step tells the receiver if the message comes from a source that really knowns the secret key. Additionally, decryption detects if any part of the message - including the header - has been modified or corrupted.
This mode requires a nonce.
This mode is only available for ciphers that operate on 64 or 128 bits blocks.
There are no official standards defining EAX. The implementation is based on a proposal that was presented to NIST.
Instance Methods | |||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
Inherited from |
Instance Variables | |
block_size The block size of the underlying cipher, in bytes. |
|
nonce The nonce originally used to create the object. |
Properties | |
Inherited from |
Method Details |
Protect associated data If there is any associated data, the caller has to invoke this function one or more times, before using decrypt or encrypt. By associated data it is meant any data (e.g. packet headers) that will not be encrypted and will be transmitted in the clear. However, the receiver is still able to detect any modification to it. If there is no associated data, this method must not be called. The caller may split associated data in segments of any size, and invoke this method multiple times, each time with the next segment.
|
Encrypt data with the key and the parameters set at initialization. A cipher object is stateful: once you have encrypted a message you cannot encrypt (or decrypt) another message using the same object. The data to encrypt can be broken up in two or more pieces and encrypt can be called multiple times. That is, the statement:
is equivalent to:
This function does not add any padding to the plaintext.
|
Decrypt data with the key and the parameters set at initialization. A cipher object is stateful: once you have decrypted a message you cannot decrypt (or encrypt) another message with the same object. The data to decrypt can be broken up in two or more pieces and decrypt can be called multiple times. That is, the statement:
is equivalent to:
This function does not remove any padding from the plaintext.
|
Compute the binary MAC tag. The caller invokes this function at the very end. This method returns the MAC that shall be sent to the receiver, together with the ciphertext.
|
Compute the printable MAC tag. This method is like digest.
|
Validate the binary MAC tag. The caller invokes this function at the very end. This method checks if the decrypted message is indeed valid (that is, if the key is correct) and it has not been tampered with while in transit.
|
Validate the printable MAC tag. This method is like verify.
|
|
|
Home | Trees | Indices | Help |
|
---|
Generated by Epydoc 3.0.1 on Thu Feb 16 14:05:21 2017 | http://epydoc.sourceforge.net |