[dpdk-dev] [RFC] Chacha20 Poly1305 Support

Kusztal, ArkadiuszX arkadiuszx.kusztal at intel.com
Wed Oct 16 12:57:38 CEST 2019

Previous message: [dpdk-dev] [RFC] Chacha20 Poly1305 Support
Next message: [dpdk-dev] [PATCH v3] cryptodev: extend api of asymmetric crypto by sessionless
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Fiona,

Thanks for your feedback,
> 
> Hi,
> 
> due to increasing interest of crypto protocols in Chacha20-Poly1305
> algorithm I would like to start discussion about adding it to cryptodev.
> I would suggest adding something like:
> 
> @@ -348,6 +348,8 @@ enum rte_crypto_aead_algorithm {
>              /**< AES algorithm in CCM mode. */
>              RTE_CRYPTO_AEAD_AES_GCM,
>              /**< AES algorithm in GCM mode. */
> +            RTE_CRYPTO_AEAD_CHACHA20_POLY1305,
> +            /**< Chacha20 encryption cipher with poly1305 authenticator
> +*/
> 
> 
> In 'iv offset' of aead xform
> +                           * - For Chacha20-Poly1305 it is 96-bit
> +nonce. Initial counter
> +                           * value for Chacha20 encryption is set by
> +PMD to 1, meanwhile
> +                            * for Poly1305 is set to 0 as per rfc7539 2.8. AEAD
> construction.
> [Fiona] I'd suggest moving initial counter description to next line as separate
> from nonce.
> And as Poly1305 is used twice in the procedure, maybe reword as:
> PMD sets initial counter for Poly1305 key generation part to 0 and for
> Chacha20 encryption to 1 as per rfc7539 2.8. AEAD construction.
[Arek] - Yes, we can reword it this way.
[Arek] - rfc7539 is obsoleted by rfc8439 so " as per rfc8439", no additional changes are necessary due to this fact.
> 
> In 'iv length' of aead xform
> +                           * - For Chacha20-Poly1305 this field is always 12.
> 
> It is AEAD instead of cipher + auth as rfc7539 explicitly specifies initial
> counters to one and zero with AEAD construction, which is not done for
> Chacha and Poly separately. If in future someone would like to add these
> algorithms to cipher and auth enums additional field that holds initial
> counter should be added as well.
> 
> I have tested it with openssl pmd implementation I have created for test
> purposes (Chacha Poly is supported since OpenSSL 1.1.0 version) which I may
> attach if needed.
> 
> (Sorry if I have not included someone in cc, please cc any interested person)
> 
> Regards,
> Arek

Previous message: [dpdk-dev] [RFC] Chacha20 Poly1305 Support
Next message: [dpdk-dev] [PATCH v3] cryptodev: extend api of asymmetric crypto by sessionless
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the dev mailing list