View Issue Details

IDProjectCategoryView StatusLast Update
0005886GNUnetcadet servicepublic2021-06-10 19:36
Reporterbuttfly Assigned Tot3sserakt  
Status acknowledgedResolutionopen 
Target Version0.16.0 
Summary0005886: Use more secure algorithms in CADET
DescriptionUpon reading I found:

- CADET provides confidentiality with so-called perfect forward secrecy; we use ECDHE powered by Curve25519 for the key exchange and then use symmetric encryption, encrypting with both AES-256 and Twofish
- authentication is achieved by signing the ephemeral keys using Ed25519, a deterministic variant of ECDSA
- integrity protection (using SHA-512 to do encrypt-then-MAC, although only 256 bits are sent to reduce overhead)

My questions are:

1) Would it not be more ideal to use Salsa20 or XSalsa20 instead of AES-256 and Twofish?
2) Should not we use BLAKE2? Its digest sizes are 224, 256, 384, and 512 bits. There would be no need to truncate, AND it is much faster than SHA-512. See for benchmarks and more information.
TagsNo tags attached.



2020-10-29 11:21

manager   ~0017056

Might make sense as we did a similar thing for GNS

Issue History

Date Modified Username Field Change
2019-09-09 18:10 buttfly New Issue
2020-10-29 11:21 schanzen Assigned To => schanzen
2020-10-29 11:21 schanzen Status new => acknowledged
2020-10-29 11:21 schanzen Note Added: 0017056
2020-10-29 11:21 schanzen Target Version => 0.15.0
2020-10-29 11:21 schanzen Assigned To schanzen => t3sserakt
2021-06-10 19:36 schanzen Target Version 0.15.0 => 0.16.0