Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 2AB3AD2D for ; Fri, 1 Apr 2016 21:09:54 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from server3 (server3.include7.ch [144.76.194.38]) by smtp1.linuxfoundation.org (Postfix) with ESMTP id 70F731C8 for ; Fri, 1 Apr 2016 21:09:53 +0000 (UTC) Received: by server3 (Postfix, from userid 115) id 0B7412E20101; Fri, 1 Apr 2016 23:09:51 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00, FSL_HELO_NON_FQDN_1 autolearn=ham version=3.3.1 Received: from Jonass-MacBook-Pro.local (cable-static-140-182.teleport.ch [87.102.140.182]) by server3 (Postfix) with ESMTPSA id 5A8AC2D00039 for ; Fri, 1 Apr 2016 23:09:51 +0200 (CEST) To: bitcoin-dev@lists.linuxfoundation.org References: <56F2B51C.8000105@jonasschnelli.ch> From: Jonas Schnelli Message-ID: <56FEE39B.3040401@jonasschnelli.ch> Date: Fri, 1 Apr 2016 23:09:47 +0200 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:38.0) Gecko/20100101 Thunderbird/38.6.0 MIME-Version: 1.0 In-Reply-To: <56F2B51C.8000105@jonasschnelli.ch> Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="crLCHGnEni3J6qko3Fr3KQ2Jd5geRw2u5" X-Mailman-Approved-At: Fri, 01 Apr 2016 22:28:11 +0000 Subject: Re: [bitcoin-dev] p2p authentication and encryption BIPs X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Development Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Apr 2016 21:09:54 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --crLCHGnEni3J6qko3Fr3KQ2Jd5geRw2u5 Content-Type: multipart/mixed; boundary="CQ98nntSLT1CklhpwH0iJnJSwjjbi0sKH" From: Jonas Schnelli To: bitcoin-dev@lists.linuxfoundation.org Message-ID: <56FEE39B.3040401@jonasschnelli.ch> Subject: Re: [bitcoin-dev] p2p authentication and encryption BIPs References: <56F2B51C.8000105@jonasschnelli.ch> In-Reply-To: <56F2B51C.8000105@jonasschnelli.ch> --CQ98nntSLT1CklhpwH0iJnJSwjjbi0sKH Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable > I have just PRed a draft version of two BIPs I recently wrote. > https://github.com/bitcoin/bips/pull/362 Hi. I just updated the PR above with another overhaul of the BIP. It's still under heavy review/work, nevertheless =96 at this point =96 an= y feedback is highly welcome. Changes since last update: -> Removed AES256-GCM as cipher suite -> Focusing on Chacha20-Poly1305 (implementation size ~300L) -> Two symmetric cipher keys must be calculated by HMAC_SHA512 from the ecdh secret -> A session-ID (both directions) must be calculated (HMAC_SHA256) for linking an identity authentication (ecdsa sig of the session-ID) with the encryption -> Re-Keying ('=3Dhash(old_key)') can be announced by the responding peer= (after x minutes and/or after x GB, local peer policy but not shorter then 10mins). -> AEAD tag is now the last element in the new message format It is very likely that the encrypted message format performs slightly better than the current message format (removing the SHA256 checksum). --- --CQ98nntSLT1CklhpwH0iJnJSwjjbi0sKH-- --crLCHGnEni3J6qko3Fr3KQ2Jd5geRw2u5 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJW/uObAAoJECnUvLZBb1Ps+nkP/A6snavjv2uVfrpy8Wj1UFbO qn31EkadlTYOBRO2K2pLw9ZkJ8g0roRzGQzjkZxYIG5uUKNoCLK3O+sxRA8NKAO8 Hk0IH+imlk3+vNSW2FIFzQEL/WVosHCcmMY75dJeODoMwkD7OjYezYqniSz6gNTs kBpKGDgnDgXub3vULaf53wCefmzB30RSFN6MzOAqSr6iVXxWw0+Czji0wQC64dBb wcPizfilHHTGAuZ3WbR7DbFUXizUOqxlOkLiAeSJzf71I4A4HYP3RAMoIJXdfIho +WKjFiHf52VE2oZeF+wc/NF5G0iIOn4TS6LhjqE/eDDWd53rHateI1p+26AU7Fe9 lv2DTCF4daAhfCPMnJl7MyOSPnvRjtv4+IzCEK9SU00wYMn8XIAF8vfC/YTQDvJT Mx7jgasqXNiRIdsWmQOPt+RnAwKN4/yds2LQrccLBgAC6iNzdSbSN6MvhHKTz1tY F3mRWUHRHu1eoKzGklE+Fy8bH0yP6eyQB552VpPayY546rmvDBT5HLmv3u40B9p9 IgAkxpFonrq/3dAjwNgRXve4Sb8Iwg1tY9kqOWAoGhPmmx9ZmHUsgAsRE4z1O+UG 4OqEbb0yXnBU24JrzuMXN2NoAdiEXqj7Xst2w0kObIzwkBf65MaisGjzFiPiQPxR gIlvGWm4VKHpj+TPvQUZ =Y7jr -----END PGP SIGNATURE----- --crLCHGnEni3J6qko3Fr3KQ2Jd5geRw2u5--