
1.0.0-alpha.11


@chogarcia chogarcia released this 05 Jun 11:49 · 18 commits to main since this release · e25a107

Cipher-suite-agility expansion + sender attribution. The default suite is unchanged (PQ-hybrid); the new AES-GCM v2 suite and the Ed25519 signature block are both opt-in, so files produced by alpha.5+ keep decrypting unchanged.

Added

  • Cipher suite 0x04 (aes-gcm-v2). IV = 8-byte HKDF-derived nonce prefix || 4-byte big-endian chunk counter, keeping the IV at 12 bytes while widening the per-file nonce-prefix space (the margin against cross-file IV reuse under the same key) from 2^32 to 2^64. The chunk_key derivation is identical to 0x01; only the prefix/counter split differs, and the 4-byte counter bounds a file at 2^32 chunks. Suite 0x01 (aes-gcm-v1) stays decrypt-only on the umbrella export. Documented in spec/format-v1.md.
  • Optional sender-attribution signatures (src/identity/sign.ts). Detached Ed25519 (algorithm 0x01) over header_unauthenticated_bytes || concat(chunk_macs), appended as a trailing signature block. Legacy files without the block keep decrypting unchanged; the streaming API returns { signature: null } in that case, so callers that require attribution must treat a null signature as a failure rather than a pass. Algorithm 0x02 is reserved for ML-DSA-65 and is not implemented in this release.
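The following is an added end-to-end example covering both bullets above; it is not code from this project. It builds the 0x04 IV as an 8-byte HKDF prefix plus a 4-byte big-endian counter (refusing to wrap the counter), encrypts chunks with AES-256-GCM, then signs header_unauthenticated_bytes || concat(chunk_macs) with Ed25519 and checks the result, treating a missing block as acceptable only when attribution was not required. The HKDF salt and info label, the constant names, the header bytes and the sample chunks are assumptions constructed for the example.

```typescript
import { createCipheriv, createDecipheriv, hkdfSync, generateKeyPairSync, sign, verify, KeyObject } from "crypto";

// Identifiers quoted from the release note; the constant names are this example's own.
const SUITE_AES_GCM_V2 = 0x04;
const SIG_ALG_ED25519 = 0x01;
const MAX_CHUNKS = 2 ** 32; // a 4-byte big-endian counter admits exactly 2^32 values

interface EncryptedChunk { ciphertext: Buffer; mac: Buffer }
interface SignatureBlock { algorithm: number; signature: Buffer }

// 8-byte nonce prefix via HKDF-SHA256. Salt and info label are assumptions;
// the release note only states that the prefix is HKDF-derived.
function deriveNoncePrefix(chunkKey: Buffer, fileSalt: Buffer): Buffer {
  return Buffer.from(hkdfSync("sha256", chunkKey, fileSalt, "aes-gcm-v2 nonce prefix", 8));
}

// 12-byte IV = prefix(8) || counter(4, big-endian). Never lets the counter wrap.
function chunkIv(prefix: Buffer, counter: number): Buffer {
  if (prefix.length !== 8) throw new Error("nonce prefix must be 8 bytes");
  if (!Number.isInteger(counter) || counter < 0 || counter >= MAX_CHUNKS) {
    throw new RangeError("chunk counter exhausted: a 4-byte counter cannot exceed 2^32 - 1");
  }
  const iv = Buffer.alloc(12);
  prefix.copy(iv, 0);
  iv.writeUInt32BE(counter, 8);
  return iv;
}

function encryptChunks(chunkKey: Buffer, prefix: Buffer, chunks: Buffer[]): EncryptedChunk[] {
  return chunks.map((plain, i) => {
    const c = createCipheriv("aes-256-gcm", chunkKey, chunkIv(prefix, i));
    const ciphertext = Buffer.concat([c.update(plain), c.final()]);
    return { ciphertext, mac: c.getAuthTag() }; // the GCM tag is the chunk MAC
  });
}

function decryptChunk(chunkKey: Buffer, prefix: Buffer, index: number, chunk: EncryptedChunk): Buffer {
  const d = createDecipheriv("aes-256-gcm", chunkKey, chunkIv(prefix, index));
  d.setAuthTag(chunk.mac);
  return Buffer.concat([d.update(chunk.ciphertext), d.final()]); // throws on tag mismatch
}

// Signed message as stated in the release note: header_unauthenticated_bytes || concat(chunk_macs).
function signatureInput(header: Buffer, chunks: EncryptedChunk[]): Buffer {
  return Buffer.concat([header, ...chunks.map((c) => c.mac)]);
}

function signFile(header: Buffer, chunks: EncryptedChunk[], senderPriv: KeyObject): SignatureBlock {
  return { algorithm: SIG_ALG_ED25519, signature: sign(null, signatureInput(header, chunks), senderPriv) };
}

// null mirrors the streaming API's { signature: null } for legacy files: acceptable only
// when the caller did not require attribution. Unknown algorithms (including reserved
// 0x02) are rejected rather than silently skipped.
function verifyAttribution(header: Buffer, chunks: EncryptedChunk[], block: SignatureBlock | null,
                           senderPub: KeyObject, required: boolean): boolean {
  if (block === null) return !required;
  if (block.algorithm !== SIG_ALG_ED25519) return false;
  return verify(null, signatureInput(header, chunks), senderPub, block.signature);
}

// Constructed sample input: fixed chunk key and salt, a three-byte stand-in header, two chunks.
const CHUNK_KEY = Buffer.alloc(32, 0x11);
const FILE_SALT = Buffer.alloc(16, 0x22);
const HEADER = Buffer.from([SUITE_AES_GCM_V2, 0x00, 0x02]);
const PLAINTEXT = [Buffer.from("chunk zero"), Buffer.from("chunk one")];

function demo() {
  const prefix = deriveNoncePrefix(CHUNK_KEY, FILE_SALT);
  const chunks = encryptChunks(CHUNK_KEY, prefix, PLAINTEXT);
  const { publicKey, privateKey } = generateKeyPairSync("ed25519"); // fresh sender key
  const block = signFile(HEADER, chunks, privateKey);
  const roundTrip = chunks.map((c, i) => decryptChunk(CHUNK_KEY, prefix, i, c).toString());
  // Flip one bit of a chunk MAC: the signature over concat(chunk_macs) must then fail.
  const tampered = chunks.map((c) => ({ ciphertext: c.ciphertext, mac: Buffer.from(c.mac) }));
  tampered[1].mac[0] ^= 0x01;
  return {
    roundTrip,
    signedOk: verifyAttribution(HEADER, chunks, block, publicKey, true),
    tamperedOk: verifyAttribution(HEADER, tampered, block, publicKey, true),
    legacyRequired: verifyAttribution(HEADER, chunks, null, publicKey, true),
    legacyOptional: verifyAttribution(HEADER, chunks, null, publicKey, false),
  };
}

console.log(demo());
```

The `required` flag is the part worth copying: a verifier that returns "ok" on a missing block turns the optional feature into a downgrade path, so the decision to accept an unsigned file belongs to the caller and should be explicit.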

Notes

  • Default cipher suite is still PQ-hybrid (SUITE.PQ_HYBRID_XCHACHA_MLKEM1024_V1); aes-gcm-v2 is opt-in via the dedicated subpath import.
  • Wire-format updates are documented in spec/format-v1.md.

Tests: 171 / 171 pass. See CHANGELOG.md for the full history.