Package ocb
Package ocb provides an implementation of the OCB (offset codebook) mode of
operation, as described in RFC-7253 of the IRTF and in Rogaway, Bellare,
Black and Krovetz - OCB: A BLOCK-CIPHER MODE OF OPERATION FOR EFFICIENT
AUTHENTICATED ENCRYPTION (2003).
Security considerations (from RFC-7253): A private key MUST NOT be used to
encrypt more than 2^48 blocks. Tag length should be at least 12 bytes (a
brute-force forging adversary succeeds after 2^{tag length} attempts). A
single key SHOULD NOT be used to decrypt ciphertext with different tag
lengths. Nonces need not be secret, but MUST NOT be reused.
This package only supports underlying block ciphers with 128-bit blocks,
such as AES-{128, 192, 256}, but may be extended to other sizes.
func NewOCB(block cipher.Block) (cipher.AEAD, error)
NewOCB returns an OCB instance with the given block cipher and default
tag and nonce sizes.
func NewOCBWithNonceAndTagSize(
block cipher.Block, nonceSize, tagSize int) (cipher.AEAD, error)
NewOCBWithNonceAndTagSize returns an OCB instance with the given block
cipher, nonce length, and tag length. Panics on zero nonceSize and
exceedingly long tag size.
It is recommended to use at least 12 bytes as tag length.