Justus Winter justus@sequoia-pgp.org writes:
we (Sequoia PGP) would love to see OCB being implemented in Nettle. The OpenPGP working group is working on a revision of RFC4880, which will mostly be a cryptographic refresh, and will bring AEAD to OpenPGP.
The previous -now abandoned- draft called for EAX being mandatory, and OCB being optional [0]. This was motivated by OCB being encumbered by patents. However, said patents were waived by the holder [1].
0: https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-rfc4880bis-10#secti... 1: https://mailarchive.ietf.org/arch/msg/cfrg/qLTveWOdTJcLn4HP3ev-vrj05Vg/
That's good news, I hadn't seen that. Then OCB gets a lot more interesting. And https://datatracker.ietf.org/doc/html/rfc7253 is a proper reference (there seems to be a couple of different versions of OCB)?
Unfortunately, we don't have the expertise in our team to contribute a patch, and we currently aren't in a position to offer funding for the implementation.
If someone wants to work on it, please post to the list. I might look into it myself, but as you have noticed, I have rather limited hacking time.
Regards, /Niels