From: Elichai Turkel <elichai.turkel@gmail.com>
Date: Sun, 16 Jun 2019 22:06:21 -0400
Message-ID: <CALN7hCKheiE374S6wOMJSTufmuQFxa-d_0x_aJbEPT=KuDc0nw@mail.gmail.com>
To: bitcoin-dev@lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] New BIP - v2 peer-to-peer message transport
protocol
Hi everyone,

About the nonce being 64bit. (RFC7539 changed it to 96bit, which djb later
calls xchacha)

You suggest that we use the "message sequence number" as the nonce for
ChaCha20. Is this number randomly generated or is this a counter?
And could it be reset without rekeying?

If it is randomly generated then 64bit isn't secure enough. And we should
either move to the ChaCha20 from RFC7539 which has 96bit nonce and 32bit
counter or increment it manually every time.

If it's simply a counter then 64bit nonce should be fine :)

Thanks,
Elichai.
--
PGP: 5607C93B5F86650C
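
The difference between a random and a counter nonce that the message asks about, as an added example that is not part of the original message or of the BIP. The function and class names, the 8-byte little-endian nonce encoding and the 2^-32 risk threshold are assumptions chosen for illustration.

```python
import math
import struct


def random_nonce_collision_probability(nonce_bits: int, messages: int) -> float:
    """Birthday approximation: P ~= 1 - exp(-n(n-1) / 2^(bits+1))."""
    exponent = -messages * (messages - 1) / 2.0 ** (nonce_bits + 1)
    return -math.expm1(exponent)


def max_messages_for_risk(nonce_bits: int, max_probability: float) -> int:
    """Messages per key before a random nonce repeats with probability
    max_probability (small-p approximation n ~= sqrt(p * 2^(bits+1)))."""
    return math.isqrt(int(2 * (2 ** nonce_bits) * max_probability))


class CounterNonce:
    """Hypothetical message sequence number used as a 64-bit nonce.

    A counter never repeats under one key, so the birthday bound does not
    apply. The only ways to repeat a (key, nonce) pair are wrapping the
    counter or resetting it while keeping the key, so both are tied to rekey().
    """
    LIMIT = 2 ** 64

    def __init__(self) -> None:
        self.key_epoch = 0   # stands in for "which key is in use"
        self.seq = 0

    def next_nonce(self) -> tuple[int, bytes]:
        if self.seq >= self.LIMIT:
            raise OverflowError("sequence space exhausted: rekey first")
        nonce = struct.pack("<Q", self.seq)  # assumed little-endian encoding
        self.seq += 1
        return self.key_epoch, nonce

    def rekey(self) -> None:
        """Reset the counter only together with a switch to a fresh key."""
        self.key_epoch += 1
        self.seq = 0


if __name__ == "__main__":
    for bits in (64, 96):
        n = max_messages_for_risk(bits, 2.0 ** -32)
        print(f"{bits}-bit random nonce: ~{n} messages per key at 2^-32 risk")
    print("P(collision), 2^32 random 64-bit nonces:",
          round(random_nonce_collision_probability(64, 2 ** 32), 4))
```
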