- djm@cvs.openbsd.org 2013/12/02 02:50:27

[PROTOCOL.chacha20poly1305]
     typo; from Jon Cave
Damien Miller 2013-12-05 10:22:57 +11:00
parent e4870c0906
commit 114e540b15
2 changed files with 5 additions and 2 deletions

@ -23,6 +23,9 @@
- djm@cvs.openbsd.org 2013/12/01 23:19:05
[PROTOCOL]
mention curve25519-sha256@libssh.org key exchange algorithm
- djm@cvs.openbsd.org 2013/12/02 02:50:27
[PROTOCOL.chacha20poly1305]
typo; from Jon Cave
20131121
- (djm) OpenBSD CVS Sync
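Review bot: The added ChangeLog entry "typo; from Jon Cave" does not say what was corrected, so it cannot be found later by searching for the affected term. Naming the fix in the entry (Poly1306 to Poly1305) would match the level of detail of the entry directly above it, which names the algorithm it mentions.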

@ -47,7 +47,7 @@ cipher by decrypting and using the packet length prior to checking
the MAC. By using an independently-keyed cipher instance to encrypt the
length, an active attacker seeking to exploit the packet input handling
as a decryption oracle can learn nothing about the payload contents or
its MAC (assuming key derivation, ChaCha20 and Poly1306 are secure).
its MAC (assuming key derivation, ChaCha20 and Poly1305 are secure).
The AEAD is constructed as follows: for each packet, generate a Poly1305
key by taking the first 256 bits of ChaCha20 stream output generated
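Review bot: The correction in the parenthetical "(assuming key derivation, ChaCha20 and Poly1305 are secure)" covers only the occurrence inside this hunk's context window. Because the slip was a single digit in an algorithm name, it is worth searching the rest of PROTOCOL.chacha20poly1305 for "1306" before committing, so that no second occurrence survives outside the lines shown here.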
@ -101,5 +101,5 @@ References
[3] "ChaCha20 and Poly1305 based Cipher Suites for TLS", Adam Langley
http://tools.ietf.org/html/draft-agl-tls-chacha20poly1305-03
$OpenBSD: PROTOCOL.chacha20poly1305,v 1.1 2013/11/21 00:45:43 djm Exp $
$OpenBSD: PROTOCOL.chacha20poly1305,v 1.2 2013/12/02 02:50:27 djm Exp $
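Review bot: Reference [3] in the context lines identifies a numbered Internet-Draft revision (draft-agl-tls-chacha20poly1305-03) by title and URL only. Drafts are superseded over time, so adding the draft's date to the entry would keep the citation identifiable if the link stops resolving to this revision.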