View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0008630 | GNUnet | core service | public | 2024-03-12 12:44 | 2024-11-14 09:46 |
| Reporter | schanzen | Assigned To | ch3 | ||
| Priority | normal | Severity | minor | Reproducibility | have not tried |
| Status | assigned | Resolution | open | ||
| Target Version | 0.24.0 | ||||
| Summary | 0008630: Change symmetric encryption scheme to XChaCha20-Poly1305 | ||||
| Description | Currently, we as using a AES-Twofish double encryption and HMAC. For performance and security reasons, we should move to something more simple and standard. After discussions we settled on XChaCha20-Poly1305 that is offered through a current dependency (libsodium). I have reviewed the code in gnunet-service-core_kx.c and the changes are rather straight-forward. I suggest that the implementation for both encryption schemes should live (teporarily) in the same source file and we guard the new implementation with a define. E.g. #if CONG_CRYPTO_ENABLED // Do XChaCha20-Poly1305 encryption/decryption here #else // Do current encryption/decryption here #endif I think should should possible with a couple of such #ifdefs. This is, of course, a change that very much breaks the P2P protocol. So the above approach is important unless we want to keep this in a branch for a long time. Also this means this requires a "major" version bump. | ||||
| Tags | No tags attached. | ||||
|
|
Assigned to ch3 for now, but I can help with implementation. |
|
|
We should also consider first testing the conceptual changes to CONG separately from the crypto. |
|
|
We also could include authenticated data in the tag (e.g. the GNUNET_MessageHeader or any other metadata we will include in the EncryptedMessage struct) |
|
|
Draft implementation in dev/schanzen/core_xchacha |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2024-03-12 12:44 | schanzen | New Issue | |
| 2024-03-12 12:44 | schanzen | Status | new => assigned |
| 2024-03-12 12:44 | schanzen | Assigned To | => ch3 |
| 2024-03-12 12:44 | schanzen | Issue generated from: 0008597 | |
| 2024-03-12 12:45 | schanzen | Note Added: 0021857 | |
| 2024-03-12 12:49 | schanzen | Note Added: 0021858 | |
| 2024-03-12 12:55 | schanzen | Note Added: 0021859 | |
| 2024-03-12 14:04 | schanzen | Note Added: 0021865 | |
| 2024-03-12 23:16 | schanzen | Relationship added | child of 0008596 |
| 2024-08-26 12:24 | schanzen | Target Version | 0.22.0 => 0.23.0 |
| 2024-11-14 09:46 | schanzen | Target Version | 0.23.0 => 0.24.0 |
