Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support for X25519 key exchange and XChacha20 encryption #74

Open
savely-krasovsky opened this issue Sep 1, 2023 · 9 comments · May be fixed by #98
Open

Support for X25519 key exchange and XChacha20 encryption #74

savely-krasovsky opened this issue Sep 1, 2023 · 9 comments · May be fixed by #98

Comments

@savely-krasovsky
Copy link
Member

savely-krasovsky commented Sep 1, 2023

@kigawas as far as I understand you are preparing this support for py/js/rs libraries. Currently Golang has new crypto/ecdh standard library, but it lacks of rich configuration, I could only add some basic support for x25519 and xchacha20, otherwise I would need to fork stdlib, which will require more maintance.

@kigawas
Copy link
Member

kigawas commented Sep 1, 2023

Thanks for the update. Don't worry, the configuration is optional

@pseusys
Copy link

pseusys commented Feb 10, 2024

Is the support for XChaCha20 planned? Fyi, there exists a statdard library for it (golang.org/x/crypto/chacha20poly1305). Would be grateful for any info!

@savely-krasovsky
Copy link
Member Author

savely-krasovsky commented Feb 10, 2024

The problem is that the new crypto/ecdh doesn't export important fields and methods anymore, unlike older crypto/elliptic which we use right now (which in contrast cannot be used with ChaCha20). Probably it's mostly ok to use exported version filippo.io/nistec, but I didn't try yet. Has a lot of work recently.

@pseusys
Copy link

pseusys commented Feb 11, 2024

Indeed, I have found out that secp256k1 is not supported by crypto/ecdh. However, I was able to use the older setup as-is with ChaCha20.

@pseusys pseusys linked a pull request Feb 11, 2024 that will close this issue
@pseusys
Copy link

pseusys commented Feb 11, 2024

@L11r, honestly I don't really understand why the current solution shouldn't work with XChaCha20-Poly1305 as it uses exactly the same 256-bit key length. Instead of crypto/elliptic, github.com/decred/dcrd/dcrec/secp256k1/v4 can be used, but why should it be used, since everything works as it is right now.

@savely-krasovsky
Copy link
Member Author

@pseusys your solution use ChaCha20 as encryption, but key exchange still done using secp256k1. This issue is about moving to X25519. Also implementation should be unified across other ECIES libraries for Rust, JS, Python, etc.

@pseusys
Copy link

pseusys commented Feb 11, 2024

@L11r, yes, that's exactly what I have wrutten in my PR: my solution solves one of the two problems named in this issue title. As far as I understood, they are mostly independant.
Moreover, different types of symmetrical encryption are already available for the other languages.

@savely-krasovsky
Copy link
Member Author

@pseusys yes, sorry if I've sounded incorrect, you contribution is good! But I guess we need to merge and release complete solution and mark it as a new major version (e.g. v3). Let me see if something has been changed recently.

@pseusys
Copy link

pseusys commented Feb 11, 2024

@L11r, never mind, you didn't sound wrong! I just wanted to improve your library.
It's ok if you need time, I'm not in a hurry; moreover, I can use my fork for now. Let me know if you need help with migrating to the new curves! I can offer you my assistance with python, go and maybe js code, unfortunately I'm still not familiar with rust, however.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants