[Cryptography] Announcing XSTREAM v0.1: misuse-resistant public-key cryptography combining X25519+HKDF+Miscreant

John Gilmore gnu at toad.com
Sun Jan 7 20:41:05 EST 2018


> XSTREAM is intended for encrypting data-at-rest while supporting
> incremental processing, such as encrypting files, database records, or
> other "blobs" of data processed a chunk-at-a-time ...
>
> XSTREAM's encryptor accepts a static X25519 public key as an argument.
> Internally it randomly generates an ephemeral secret scalar value (i.e.
> X25519 secret key), performs elliptic curve Diffie-Hellman, then uses the
> resulting shared secret as an input to ...

Am I confused?  Doing Diffie-Hellman requires talking with another
party.  For data-at-rest, who is the other party?  And how does your
library communicate with that other party?

	John





More information about the cryptography mailing list