New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Implement XChaCha20Poly1305 #5
Conversation
This is identical to ChaCha20Poly1305, just with a larger nonce size. Support already exists in libsodium for this cipher.
Hmm.. not sure why the Ubuntu build failed. Looks like the Appveyor build was fine. |
Depends on ektrah/nsec#5
This uses the same values from pynacl, to verify the implementation is correct https://github.com/pyca/pynacl/blob/3b89b41a654d36fa887c3cf2f6632659397b2aa9/tests/data/xchacha20-poly1305-ietf_ref.txt
The first pull request – thank you very much! XChaCha20-Poly1305 is an AEAD algorithm that seems to have some nice properties. But it's really obscure. There's no specification, no test vectors, nothing. For this reason, I'm hesitant to add it to the NSec portfolio; see briansmith/ring#411 for a similar discussion. I do recognize the need for compatibility with specs that have decided to build on it nevertheless, though. I'm therefore thinking about something like a "libsodium compatibility pack" that includes algorithms like this and XSalsa20-Poly1305 (#2). But I don't have plans to work on that anytime soon. Right now, I would accept this pull request only as experimental code that lives in the NSec repository but doesn't get included in releases. It would then later be moved into the compatibility pack. |
Thanks for the reply. A compatibility pack would probably be fine. I'm interested in referencing it from another library I'm developing here which needs to use that algorithm. Per the libsodium docs it looks like this is the recommended algorithm to use if you have the option to, so I'm curious if it will become less obscure over time.
|
OK, let's bring this into shape and merge it into the experimental code area. I've made a few changes to the base classes in the meantime; the easiest way to update this code is probably to revert the changes and start fresh: copy src/Cryptography/ChaCha20Poly1305.cs to src/Experimental/Sodium/XChaCha20Poly1305.cs, copy src/Interop/Interop.ChaCha20Poly1305.cs to src/Interop/Interop.XChaCha20Poly1305.cs, and replace all occurrences of |
Added to NSec.Experimental in dd9ec75 |
Thanks! :)
…On Sat, Apr 7, 2018 at 04:10, ektrah ***@***.***> wrote:
Added to NSec.Experimental in dd9ec75
<dd9ec75>
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#5 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AA5hFnzS1SuiLXbLqmqvNjtmZdNmDqPLks5tmJ57gaJpZM4SfpXc>
.
|
This is identical to ChaCha20Poly1305, just with a larger nonce size. Support already exists in libsodium for this cipher.