keybase / triplesec

Triple Security for the browser and Node.js
https://keybase.io/triplesec
MIT License
399 stars, 47 forks

V4 #51

Open maxtaco opened 9 years ago

maxtaco commented 9 years ago

As per Dustin's recommendations, consider Argon2 rather than scrypt, and also newly FIPS-certified SHA3 final rather than our Keccak precursor.

SparkDustJoe commented 9 years ago

I would also recommend, as others have suggested, to move the signatures to the end of the output stream since they are calculated/verified last. A 32-bit ciphertext length would be good to detect truncation and can be rolled into the signature calculator as a precaution.

SparkDustJoe commented 8 years ago

The Argon2 library has come to GitHub and is under active development. As such it's a bit fluid at the moment, but should have links to various builds for use in JS, Node, Go, Python, and hopefully I'll have a version for C#.

https://github.com/P-H-C/phc-winner-argon2

SparkDustJoe commented 8 years ago

I think a version 1.3 release of Argon2 is soon forthcoming

SparkDustJoe commented 8 years ago

@veorq Presented at a recent conference on Argon2, the release is stable now and starting to see use in the wild. https://bsideslv2016.sched.org/event/7YOA/whats-up-argon2-the-password-hashing-winner-a-year-later

SparkDustJoe commented 7 years ago

Is there still a planned release for V4?

SparkDustJoe commented 7 years ago

I finally got around to porting the Argon2 library to a .NET friendly C++ version. You can find it here: https://github.com/SparkDustJoe/Argon2Managed

I would, at this point, also suggest replacing XSalsa20 with either ChaCha20, or NORX64-6-2 (if it survives the CAESAR stream cipher competition, currently underway). ChaCha20 is an evolution of Salsa with better bit diffusion. NORX uses a similar scrambling technique to ChaCha and a sponge construction akin to Keccak. NORX replaces all the addition operations with an XOR-Shift approximate equivalent (the name NORX comes from Not-Addition Rotation XOR). It also has optional Header/Footer inputs for chaining or adding other strings.

SparkDustJoe commented 5 years ago

Version 4 as published (with the only change being the removal of TwoFish) has been implemented in my port for C#, so I'm going to recommend closing this issue. The discussion of what should replace TwoFish (if anything) and SCRYPT (such as Argon2) for V5 should be a separate thread/issue.

SparkDustJoe commented 5 years ago

The final CAESAR portfolio has been announced: https://competitions.cr.yp.to/caesar-submissions.html