DPDK patches and discussions
 help / color / mirror / Atom feed
From: "Trahe, Fiona" <fiona.trahe@intel.com>
To: "Kusztal, ArkadiuszX" <arkadiuszx.kusztal@intel.com>,
	"dev@dpdk.org" <dev@dpdk.org>
Cc: "akhil.goyal@nxp.com" <akhil.goyal@nxp.com>,
	"Zhang, Roy Fan" <roy.fan.zhang@intel.com>,
	Shally Verma <shallyv@marvell.com>,
	Anoob Joseph <anoobj@marvell.com>,
	"De Lara Guarch, Pablo" <pablo.de.lara.guarch@intel.com>,
	"Doherty, Declan" <declan.doherty@intel.com>,
	"tdu@semihalf.com" <tdu@semihalf.com>,
	"Trahe, Fiona" <fiona.trahe@intel.com>
Subject: Re: [dpdk-dev] [RFC] Chacha20 Poly1305 Support
Date: Wed, 9 Oct 2019 15:48:56 +0000	[thread overview]
Message-ID: <348A99DA5F5B7549AA880327E580B43589831A03@IRSMSX101.ger.corp.intel.com> (raw)
In-Reply-To: <06EE24DD0B19E248B53F6DC8657831551B29FD13@hasmsx109.ger.corp.intel.com>

Hi Arek,

------
From: Kusztal, ArkadiuszX 
Sent: Wednesday, October 9, 2019 9:30 AM
To: dev@dpdk.org
Cc: akhil.goyal@nxp.com; Zhang, Roy Fan <roy.fan.zhang@intel.com>; Shally Verma <shallyv@marvell.com>; Trahe, Fiona <fiona.trahe@intel.com>; Anoob Joseph <anoobj@marvell.com>; De Lara Guarch, Pablo <pablo.de.lara.guarch@intel.com>; Doherty, Declan <declan.doherty@intel.com>; tdu@semihalf.com
Subject: [RFC] Chacha20 Poly1305 Support

Hi,

due to increasing interest of crypto protocols in Chacha20-Poly1305 algorithm I would like to start discussion about adding it to cryptodev.
I would suggest adding something like:

@@ -348,6 +348,8 @@ enum rte_crypto_aead_algorithm {
             /**< AES algorithm in CCM mode. */
             RTE_CRYPTO_AEAD_AES_GCM,
             /**< AES algorithm in GCM mode. */
+            RTE_CRYPTO_AEAD_CHACHA20_POLY1305,
+            /**< Chacha20 encryption cipher with poly1305 authenticator */


In 'iv offset' of aead xform
+                           * - For Chacha20-Poly1305 it is 96-bit nonce. Initial counter
+                           * value for Chacha20 encryption is set by PMD to 1, meanwhile
+                            * for Poly1305 is set to 0 as per rfc7539 2.8. AEAD construction.
[Fiona] I'd suggest moving initial counter description to next line as separate from nonce.
And as Poly1305 is used twice in the procedure, maybe reword as:
PMD sets initial counter for Poly1305 key generation part to 0 and for Chacha20 encryption 
to 1 as per rfc7539 2.8. AEAD construction.

In 'iv length' of aead xform
+                           * - For Chacha20-Poly1305 this field is always 12.

It is AEAD instead of cipher + auth as rfc7539 explicitly specifies initial counters to one and zero with AEAD construction, which is not done
for Chacha and Poly separately. If in future someone would like to add these algorithms to cipher and auth enums additional field that holds initial counter
should be added as well.

I have tested it with openssl pmd implementation I have created for test purposes (Chacha Poly is supported since OpenSSL 1.1.0 version) which I may attach if needed.

(Sorry if I have not included someone in cc, please cc any interested person)

Regards,
Arek

  reply	other threads:[~2019-10-09 15:49 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-10-09  8:29 Kusztal, ArkadiuszX
2019-10-09 15:48 ` Trahe, Fiona [this message]
2019-10-16 10:57   ` Kusztal, ArkadiuszX

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=348A99DA5F5B7549AA880327E580B43589831A03@IRSMSX101.ger.corp.intel.com \
    --to=fiona.trahe@intel.com \
    --cc=akhil.goyal@nxp.com \
    --cc=anoobj@marvell.com \
    --cc=arkadiuszx.kusztal@intel.com \
    --cc=declan.doherty@intel.com \
    --cc=dev@dpdk.org \
    --cc=pablo.de.lara.guarch@intel.com \
    --cc=roy.fan.zhang@intel.com \
    --cc=shallyv@marvell.com \
    --cc=tdu@semihalf.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).