AEAD cipher support in OpenPGP

In version of OpenPGP Library for .NET we have added support for decrypting PGP AEAD data encrypted with the recent version 2.3 of GnuPG by using the AEAD symmetric cipher.

AEAD status in OpenPGP

Authenticated Encryption with Associated Data (AEAD) is a form of encryption that simultaneously assures the confidentiality and authenticity of data.

Unfortunately, the OpenPGP standard that defines the use of AEAD is still a draft, and the AEAD encrypted packet differs between the current implementation in GnuPG (in use) and the latest version of the OpenPGP standard. More specifically, the version field of the AEAD encrypted packet in the standard has the value 2, and the standard proposes a fixed IV (initialization vector) for the AEAD packet, in contrast with the algorithm-specific IV length currently used by GnuPG and by version 1 of the AEAD packet.
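
To see which packet variant a message carries before handing it to a decryption library, the version 1 header can be read directly. The following is an added example, not code from the library or from GnuPG. It assumes the version 1 layout of the rfc4880bis draft (tag 20; version, cipher, AEAD algorithm and chunk size octets; then an IV of 16 octets for EAX or 15 for OCB), and all function and constant names are hypothetical.

```python
# Added example: header parser for the version 1 AEAD Encrypted Data packet (tag 20).
# Field layout is an assumption taken from the rfc4880bis draft, not from this page.
AEAD_TAG = 20
AEAD_MODES = {1: ("EAX", 16), 2: ("OCB", 15)}   # AEAD algorithm id -> (name, IV octets)
CIPHERS = {7: "AES-128", 8: "AES-192", 9: "AES-256"}


class UnsupportedPacket(ValueError):
    """Raised for packets this version 1 parser does not understand."""


def body_offset(data: bytes) -> int:
    """Return where the body starts in a new-format packet (RFC 4880 length rules)."""
    if len(data) < 2 or data[0] & 0xC0 != 0xC0:
        raise UnsupportedPacket("not a new-format OpenPGP packet")
    if data[0] & 0x3F != AEAD_TAG:
        raise UnsupportedPacket(f"packet tag {data[0] & 0x3F}, expected {AEAD_TAG}")
    first = data[1]
    if 192 <= first < 224:
        return 3          # two-octet length
    if first == 255:
        return 6          # five-octet length
    return 2              # one-octet or partial body length


def parse_aead_header(data: bytes) -> dict:
    body = data[body_offset(data):]
    if len(body) < 4:
        raise ValueError("truncated AEAD packet header")
    version, cipher, mode, chunk_octet = body[:4]
    if version != 1:
        # Other versions use a different layout; refuse instead of guessing at it.
        raise UnsupportedPacket(f"AEAD packet version {version} is not handled")
    if mode not in AEAD_MODES:
        raise UnsupportedPacket(f"unknown AEAD algorithm id {mode}")
    if chunk_octet > 56:
        raise ValueError("chunk size octet out of range")
    name, iv_len = AEAD_MODES[mode]
    iv = body[4:4 + iv_len]
    if len(iv) != iv_len:
        raise ValueError("truncated starting IV")
    return {"version": version, "cipher": CIPHERS.get(cipher, f"id {cipher}"),
            "aead": name, "chunk_size": 1 << (chunk_octet + 6), "iv": iv}


# Constructed sample: tag 20, one-octet length, v1, AES-256, OCB, chunk octet 16.
SAMPLE = bytes([0xD4, 35, 1, 9, 2, 16]) + bytes(range(15)) + b"\x00" * 16

if __name__ == "__main__":
    print(parse_aead_header(SAMPLE))
```

The input must be binary packet data, so ASCII-armored messages need to be dearmored first.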

Support for encrypting with AEAD

We still haven’t released support for AEAD encryption, as our primary goal is always to have maximum compatibility across the OpenPGP implementations in the wild. Once GnuPG starts to produce the new AEAD encrypted data packet, we will respond with support for AEAD encryption.

What Developers think about AEAD

Christopher: I have also taken note of GnuPG 2.3 and one feature, in particular, caught my eye: AEAD encryption. If done correctly, this would finally bring PGP encryption into the 21st century. 

Altered AEAD ciphertext and OpenPGP Library for .NET

Altered AEAD ciphertext will produce a DidiSoft.Pgp.Exceptions.IntegrityCheckException.