View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0005886 | GNUnet | cadet service | public | 2019-09-09 18:10 | 2024-11-14 09:57 |
Reporter | buttfly | Assigned To | t3sserakt | ||
Priority | normal | Severity | minor | Reproducibility | N/A |
Status | acknowledged | Resolution | open | ||
Target Version | 0.24.0 | ||||
Summary | 0005886: Use more secure algorithms in CADET | ||||
Description | Upon reading https://docs.gnunet.org/handbook/gnunet.html#CADET-Subsystem I found: - CADET provides confidentiality with so-called perfect forward secrecy; we use ECDHE powered by Curve25519 for the key exchange and then use symmetric encryption, encrypting with both AES-256 and Twofish - authentication is achieved by signing the ephemeral keys using Ed25519, a deterministic variant of ECDSA - integrity protection (using SHA-512 to do encrypt-then-MAC, although only 256 bits are sent to reduce overhead) [...] My questions are: 1) Would it not be more ideal to use Salsa20 or XSalsa20 instead of AES-256 and Twofish? 2) Should we not use BLAKE2? Its digest sizes are 224, 256, 384, and 512 bits. There would be no need to truncate, AND it is much faster than SHA-512. See https://blake2.net/ for benchmarks and more information. | ||||
Tags | No tags attached. | ||||
|
Might make sense, as we did a similar thing for GNS. |
|
We may want to switch to either XChaCha20-Poly1305 or ChaCha20-Poly1305 if we can get away with it. There is no advantage in using (X)Salsa over ChaCha. ChaCha (without the X) also has an RFC. I am not sure about introducing another hash function. We will rely on SHA2 for quite some time due to HKDF. |
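
As an added illustration (not GNUnet code and not written by any participant in this issue), the sketch below puts the two 256-bit tag options from the discussion side by side: a SHA-512 based MAC truncated to 256 bits and keyed BLAKE2b asked for 256 bits directly, with the MAC key derived through HKDF over SHA-512. It assumes HMAC as the MAC construction; the function names, the info string and the sample bytes are constructed for the example.

```python
import hashlib
import hmac

TAG_LEN = 32  # 256-bit tag on the wire, as in the handbook text quoted above


def hkdf_sha512(ikm: bytes, salt: bytes, info: bytes, length: int) -> bytes:
    """HKDF (RFC 5869) over HMAC-SHA512: extract, then expand."""
    prk = hmac.new(salt or b"\x00" * 64, ikm, hashlib.sha512).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha512).digest()
        okm += block
        counter += 1
    return okm[:length]


def tag_sha512_truncated(mac_key: bytes, ciphertext: bytes) -> bytes:
    """Encrypt-then-MAC tag: HMAC-SHA512 over the ciphertext, cut to 256 bits."""
    return hmac.new(mac_key, ciphertext, hashlib.sha512).digest()[:TAG_LEN]


def tag_blake2b(mac_key: bytes, ciphertext: bytes) -> bytes:
    """Keyed BLAKE2b asked for a 256-bit digest directly; nothing is truncated."""
    return hashlib.blake2b(ciphertext, key=mac_key, digest_size=TAG_LEN).digest()


def verify(tag_fn, mac_key: bytes, ciphertext: bytes, tag: bytes) -> bool:
    """Recompute the tag and compare in constant time, before any decryption."""
    return hmac.compare_digest(tag_fn(mac_key, ciphertext), tag)


def demo() -> dict:
    # Constructed sample values, not real CADET keys or traffic.
    shared_secret = bytes(range(32))  # stands in for the ECDHE output
    mac_key = hkdf_sha512(shared_secret, b"", b"example mac key", 64)
    ciphertext = b"constructed ciphertext bytes"
    results = {}
    for name, fn in (("hmac-sha512-trunc", tag_sha512_truncated), ("blake2b-256", tag_blake2b)):
        tag = fn(mac_key, ciphertext)
        results[name] = (len(tag), verify(fn, mac_key, ciphertext, tag),
                         verify(fn, mac_key, ciphertext + b"x", tag))
    # The digest length is a BLAKE2 parameter, so a 256-bit tag is not a prefix of the 512-bit one.
    full = hashlib.blake2b(ciphertext, key=mac_key, digest_size=64).digest()
    results["native_differs_from_truncated"] = full[:TAG_LEN] != tag_blake2b(mac_key, ciphertext)
    return results
```

Both constructions put the same 32 bytes of tag on the wire, so a switch would change computation cost and the set of primitives in use, not packet overhead; the key derivation step stays on SHA-2 either way.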
Date Modified | Username | Field | Change |
---|---|---|---|
2019-09-09 18:10 | buttfly | New Issue | |
2020-10-29 11:21 | schanzen | Assigned To | => schanzen |
2020-10-29 11:21 | schanzen | Status | new => acknowledged |
2020-10-29 11:21 | schanzen | Note Added: 0017056 | |
2020-10-29 11:21 | schanzen | Target Version | => 0.15.0 |
2020-10-29 11:21 | schanzen | Assigned To | schanzen => t3sserakt |
2021-06-10 19:36 | schanzen | Target Version | 0.15.0 => 0.16.0 |
2021-12-31 09:29 | schanzen | Target Version | 0.16.0 => 0.17.0 |
2021-12-31 09:32 | schanzen | Target Version | 0.17.0 => 1.0.0 |
2024-11-14 09:57 | schanzen | Note Added: 0023718 | |
2024-11-14 09:57 | schanzen | Target Version | 1.0.0 => 0.24.0 |