Authenticated Encryption with Associated Data (AEAD).
See Authenticated encryption: relations among notions and analysis of the generic composition paradigm for an introduction to the concept of AEADs.
The email@example.com AEAD-ish construct.
QUIC Header Protection.
The additionally authenticated data (AAD) for an opening or sealing operation. This data is authenticated but is not encrypted.
An AEAD Algorithm.
A nonce for a single AEAD opening or sealing operation.
A key for authenticating and decrypting (“opening”) AEAD-protected data.
A key for encrypting and signing (“sealing”) data.
The maximum length of a tag for the algorithms in this module.
All the AEADs we support use 96-bit nonces.
AES-128 in GCM mode with 128-bit tags and 96 bit nonces.
AES-256 in GCM mode with 128-bit tags and 96 bit nonces.
ChaCha20-Poly1305 as described in RFC 7539.
Authenticates and decrypts (“opens”) data in place.
Encrypts and signs (“seals”) data in place.