1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
|
Return-Path: <dev@jonasschnelli.ch>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 2AB3AD2D
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 1 Apr 2016 21:09:54 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from server3 (server3.include7.ch [144.76.194.38])
by smtp1.linuxfoundation.org (Postfix) with ESMTP id 70F731C8
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 1 Apr 2016 21:09:53 +0000 (UTC)
Received: by server3 (Postfix, from userid 115)
id 0B7412E20101; Fri, 1 Apr 2016 23:09:51 +0200 (CEST)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
X-Spam-Level:
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, FSL_HELO_NON_FQDN_1
autolearn=ham version=3.3.1
Received: from Jonass-MacBook-Pro.local (cable-static-140-182.teleport.ch
[87.102.140.182]) by server3 (Postfix) with ESMTPSA id 5A8AC2D00039
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 1 Apr 2016 23:09:51 +0200 (CEST)
To: bitcoin-dev@lists.linuxfoundation.org
References: <56F2B51C.8000105@jonasschnelli.ch>
From: Jonas Schnelli <dev@jonasschnelli.ch>
Message-ID: <56FEE39B.3040401@jonasschnelli.ch>
Date: Fri, 1 Apr 2016 23:09:47 +0200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:38.0)
Gecko/20100101 Thunderbird/38.6.0
MIME-Version: 1.0
In-Reply-To: <56F2B51C.8000105@jonasschnelli.ch>
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature";
boundary="crLCHGnEni3J6qko3Fr3KQ2Jd5geRw2u5"
X-Mailman-Approved-At: Fri, 01 Apr 2016 22:28:11 +0000
Subject: Re: [bitcoin-dev] p2p authentication and encryption BIPs
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Development Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Fri, 01 Apr 2016 21:09:54 -0000
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--crLCHGnEni3J6qko3Fr3KQ2Jd5geRw2u5
Content-Type: multipart/mixed; boundary="CQ98nntSLT1CklhpwH0iJnJSwjjbi0sKH"
From: Jonas Schnelli <dev@jonasschnelli.ch>
To: bitcoin-dev@lists.linuxfoundation.org
Message-ID: <56FEE39B.3040401@jonasschnelli.ch>
Subject: Re: [bitcoin-dev] p2p authentication and encryption BIPs
References: <56F2B51C.8000105@jonasschnelli.ch>
In-Reply-To: <56F2B51C.8000105@jonasschnelli.ch>
--CQ98nntSLT1CklhpwH0iJnJSwjjbi0sKH
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable
> I have just PRed a draft version of two BIPs I recently wrote.
> https://github.com/bitcoin/bips/pull/362
Hi.
I just updated the PR above with another overhaul of the BIP.
It's still under heavy review/work, nevertheless =96 at this point =96 an=
y
feedback is highly welcome.
Changes since last update:
-> Removed AES256-GCM as cipher suite
-> Focusing on Chacha20-Poly1305 (implementation size ~300L)
-> Two symmetric cipher keys must be calculated by HMAC_SHA512 from the
ecdh secret
-> A session-ID (both directions) must be calculated (HMAC_SHA256) for
linking an identity authentication (ecdsa sig of the session-ID) with
the encryption
-> Re-Keying ('=3Dhash(old_key)') can be announced by the responding peer=
(after x minutes and/or after x GB, local peer policy but not shorter
then 10mins).
-> AEAD tag is now the last element in the new message format
It is very likely that the encrypted message format performs slightly
better than the current message format (removing the SHA256 checksum).
---
</jonas>
--CQ98nntSLT1CklhpwH0iJnJSwjjbi0sKH--
--crLCHGnEni3J6qko3Fr3KQ2Jd5geRw2u5
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJW/uObAAoJECnUvLZBb1Ps+nkP/A6snavjv2uVfrpy8Wj1UFbO
qn31EkadlTYOBRO2K2pLw9ZkJ8g0roRzGQzjkZxYIG5uUKNoCLK3O+sxRA8NKAO8
Hk0IH+imlk3+vNSW2FIFzQEL/WVosHCcmMY75dJeODoMwkD7OjYezYqniSz6gNTs
kBpKGDgnDgXub3vULaf53wCefmzB30RSFN6MzOAqSr6iVXxWw0+Czji0wQC64dBb
wcPizfilHHTGAuZ3WbR7DbFUXizUOqxlOkLiAeSJzf71I4A4HYP3RAMoIJXdfIho
+WKjFiHf52VE2oZeF+wc/NF5G0iIOn4TS6LhjqE/eDDWd53rHateI1p+26AU7Fe9
lv2DTCF4daAhfCPMnJl7MyOSPnvRjtv4+IzCEK9SU00wYMn8XIAF8vfC/YTQDvJT
Mx7jgasqXNiRIdsWmQOPt+RnAwKN4/yds2LQrccLBgAC6iNzdSbSN6MvhHKTz1tY
F3mRWUHRHu1eoKzGklE+Fy8bH0yP6eyQB552VpPayY546rmvDBT5HLmv3u40B9p9
IgAkxpFonrq/3dAjwNgRXve4Sb8Iwg1tY9kqOWAoGhPmmx9ZmHUsgAsRE4z1O+UG
4OqEbb0yXnBU24JrzuMXN2NoAdiEXqj7Xst2w0kObIzwkBf65MaisGjzFiPiQPxR
gIlvGWm4VKHpj+TPvQUZ
=Y7jr
-----END PGP SIGNATURE-----
--crLCHGnEni3J6qko3Fr3KQ2Jd5geRw2u5--
|
