commit 5bd5f82e3d4319f591157c1a3d717c25e44a33a5 Author: Jean Paul Degabriele jeanpaul.degabriele@cryptoplexity.de Date: Thu Oct 24 09:21:50 2019 +0200
Fixed typos pointed out in Tomer's email. --- proposals/308-counter-galois-onion.txt | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/proposals/308-counter-galois-onion.txt b/proposals/308-counter-galois-onion.txt index ead0e81..e311c0c 100644 --- a/proposals/308-counter-galois-onion.txt +++ b/proposals/308-counter-galois-onion.txt @@ -94,7 +94,7 @@ Status: Draft (indexing starts at 1) INT(X) Translate string X into an unsigned integer
-2.2. Security parameters %%%REVISE +2.2. Security parameters
POLY_HASH_LEN -- The length of the polynomial hash function's output, in bytes. For POLYVAL, POLY_HASH_LEN = 16. @@ -112,11 +112,11 @@ Status: Draft
2.3. Primitives
- The polynomial hash function is POLYVAL with a HASH_KEY_LEN-bit key. We + The polynomial hash function is POLYVAL with a HASH_KEY_LEN-byte key. We write this as PH(H, M) where H is the key and M the message to be hashed.
- We use AES with a BC_KEY_LEN-bit key. For AES encryption (resp., - decryption) we write E(K, X) (resp., D(K, X)) where K is a BC_KEY_LEN-bit + We use AES with a BC_KEY_LEN-byte key. For AES encryption (resp., + decryption) we write E(K, X) (resp., D(K, X)) where K is a BC_KEY_LEN-byte key and X the block to be encrypted (resp., decrypted). For an integer j, we use <j> to denote the string of length BC_BLOCK_LEN representing that integer. @@ -227,7 +227,7 @@ Status: Draft Cf_n = M ^ Z X_n = PH(HDf_n, (LNf_n | Cf_n)) Y_n = Nf_n ^ X_n - Tf_n = E(KDf_n, Y_n) ^ X_n) + Tf_n = E(KDf_n, Y_n) ^ X_n
and updates its state by overwriting the old variables with the new ones. @@ -247,7 +247,7 @@ Status: Draft % BC_BLOCK_LEN = 16 Cf_I = Cf_{I+1} ^ Z[1, 509] X_I = PH(HSf_n, (LTf_{I+1} | Cf_I)) - Y_I = Tf_I ^ X_I + Y_I = Tf_{I+1} ^ X_I Tf_I = E(KSf_I, Y_I) ^ X_I LTf_{I+1} = Tf_{I+1}