diff options
author | Thai Duong <thaidn@google.com> | 2017-11-13 15:47:56 -0800 |
---|---|---|
committer | Thai Duong <thaidn@google.com> | 2017-11-22 16:10:03 -0800 |
commit | c7530871e02c762b4b64cbf21b9f4b571c702e88 (patch) | |
tree | bf7ca1033bd2c41d55e46006d8a62b81ca0c71ae /cc/hybrid_decrypt.h | |
parent | e465c9d5877bff8979c9a07294b8fdcadc90bdaf (diff) | |
download | tink-c7530871e02c762b4b64cbf21b9f4b571c702e88.tar.gz |
Emphasizing that Hybrid Encryption does not provide authenticity.
Change-Id: Ic7c50eec0c54abe71c77d4ae20079d0b60b7a9f2
ORIGINAL_AUTHOR=Thai Duong <thaidn@google.com>
GitOrigin-RevId: 086cb47563ce07c510fc02df4a1fa24f5d4a7d53
Diffstat (limited to 'cc/hybrid_decrypt.h')
-rw-r--r-- | cc/hybrid_decrypt.h | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/cc/hybrid_decrypt.h b/cc/hybrid_decrypt.h index 4022fe176..abd1ac633 100644 --- a/cc/hybrid_decrypt.h +++ b/cc/hybrid_decrypt.h @@ -34,6 +34,13 @@ namespace tink { // checking the integrity of 'context_info' (but there are no // guarantees wrt. to secrecy or authenticity of 'context_info'). // +// WARNING: hybrid encryption does not provide authenticity, that is the +// recipient of an encrypted message does not know the identity of the sender. +// Similar to general public-key encryption schemes the security goal of +// hybrid encryption is to provide privacy only. In other words, hybrid +// encryption is secure if and only if the recipient can accept anonymous +// messages or can rely on other mechanisms to authenticate the sender. +// // 'context_info' can be empty or null, but to ensure the correct // decryption of the ciphertext the same value must be provided // as was used during encryption operation (cf. HybridEncrypt-interface). |