Support crypto agility - Githubissues

geonnave commented 1 month ago

Right now the library only supports Cipher Suite 2: AES-CCM-16-64-128, SHA-256, 8, P-256, ES256, AES-CCM-16-64-128, SHA-256.

We should support more cipher suites, and also enable negotiation of cipher suites.

Some background

According to the spec...

Implementations MUST support cipher suites 2 and 3 (note that these only differ in the size of the MAC length)

Cipher suites 0-3, based on AES-CCM, are intended for constrained IoT where message overhead is a very important factor:

0. AES-CCM-16-64-128, SHA-256, 8, X25519, EdDSA, AES‑CCM‑16‑64‑128, SHA-256
1. AES-CCM-16-128-128, SHA‑256, 16, X25519, EdDSA, AES‑CCM‑16‑64‑128, SHA-256
2. AES-CCM-16-64-128, SHA-256, 8, P-256, ES256, AES-CCM-16-64-128, SHA-256
3. AES-CCM-16-128-128, SHA-256, 16, P-256, ES256, AES-CCM-16-64-128, SHA-256

Ciphers with ChaCha/Poly:

4. ChaCha20/Poly1305, SHA-256, 16, X25519, EdDSA, ChaCha20/Poly1305, SHA-256
5. ChaCha20/Poly1305, SHA-256, 16, P-256, ES256, ChaCha20/⁠Poly1305, SHA-256

Plan

[ ] support cipher suite 3
[ ] support cipher suite negotiation
[ ] support cipher suite 0 and/or 1
- NOTE: requires modifying the crypto backend to support X25519 and EdDSA

malishav commented 1 month ago

I agree on the plan outlined here! We should also discuss in parallel with this how to enable support for multiple authentication methods.

geonnave commented 1 month ago

support for multiple authentication methods.

Tracked in #278.

openwsn-berkeley / lakers

Support crypto agility #277

Some background

Plan