Comments (6)
I actually don't think this is a security issue since the entire file is encrypted at once. So it's one nonce & one pass. The AEAD_CHACHA20_POLY1305 RFC states:
a nonce value cannot be used securely more than once with the same key.
You might be right. As long as "using once" means one invocation of the algorithm which it probably does?
from portal.
I actually don't think this is a security issue since the entire file is encrypted at once. So it's one nonce & one pass. The AEAD_CHACHA20_POLY1305 RFC states:
a nonce value cannot be used securely more than once with the same key.
Which fits the current use case. Since the nonce + key are both only used once to encrypt the entire file, and never used again.
For performance I think I did have it encrypt per chunk during development at one point and it was actually slower than a single call to encrypt_in_place_detached. But it would be worth creating & running some benchmarks to see if there is any speedup.
from portal.
@felinira You appear to be reworking the protocol at the moment. May I suggest you have a deep look at croc and Magic Wormhole first (if not already done so)? A lot of valuable lessons were learned in the making of these w.r.t. security, features and backwards compatibility. I wouldn't want you to learn these the hard way …
from portal.
@felinira You appear to be reworking the protocol at the moment. May I suggest you have a deep look at croc and Magic Wormhole first (if not already done so)? A lot of valuable lessons were learned in the making of these w.r.t. security, features and backwards compatibility. I wouldn't want you to learn these the hard way …
I was only trying things out for fun. But I will definitely look more in depth there, thanks.
from portal.
Going to close the issue for now since currently the nonce is only used once. If we move to per-chunk encryption later on we'll need to generate a nonce per-chunk.
For the new metadata PR, since it's encrypted separately it uses an entirely different nonce: https://github.com/landhb/portal/blob/encmetadata/lib/src/lib.rs#L381
from portal.
Per-chunk encryption has now been implemented in #11, so unique nonces per-chunk are now generated via NonceSequence
from portal.
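The per-chunk nonce requirement discussed in the thread, as an added std-only Rust example that is not portal's code and not the NonceSequence implementation from #11. The names ChunkNonces, NonceExhausted and nonces_for_file, and the 4-byte prefix plus 64-bit counter layout, are assumptions chosen for illustration; the point is that the generator fails rather than ever handing out the same nonce twice under one key.

```rust
use std::collections::HashSet;

pub const NONCE_LEN: usize = 12; // AEAD_CHACHA20_POLY1305 takes a 96-bit nonce

#[derive(Debug, PartialEq)]
pub struct NonceExhausted;

/// Hypothetical per-chunk nonce generator: 4-byte prefix || 64-bit chunk counter.
pub struct ChunkNonces {
    prefix: [u8; 4], // fixed for one transfer; the key must also be fresh per transfer
    counter: u64,    // index of the next chunk
    exhausted: bool, // set once the counter cannot advance without wrapping
}

impl ChunkNonces {
    pub fn starting_at(prefix: [u8; 4], counter: u64) -> Self {
        ChunkNonces { prefix, counter, exhausted: false }
    }

    /// Nonce for the next chunk. Fails instead of wrapping around and repeating.
    pub fn advance(&mut self) -> Result<[u8; NONCE_LEN], NonceExhausted> {
        if self.exhausted {
            return Err(NonceExhausted);
        }
        let mut nonce = [0u8; NONCE_LEN];
        nonce[..4].copy_from_slice(&self.prefix);
        nonce[4..].copy_from_slice(&self.counter.to_be_bytes());
        match self.counter.checked_add(1) {
            Some(next) => self.counter = next,
            None => self.exhausted = true,
        }
        Ok(nonce)
    }
}

/// One nonce per chunk for a `len`-byte file cut into `chunk_size`-byte chunks.
pub fn nonces_for_file(prefix: [u8; 4], len: usize, chunk_size: usize)
    -> Result<Vec<[u8; NONCE_LEN]>, NonceExhausted> {
    assert!(chunk_size > 0, "chunk size must be non-zero");
    let chunks = len / chunk_size + usize::from(len % chunk_size != 0);
    let mut seq = ChunkNonces::starting_at(prefix, 0);
    (0..chunks).map(|_| seq.advance()).collect()
}

fn main() {
    // Constructed sample: a 10,000-byte file in 4096-byte chunks gives 3 nonces.
    let nonces = nonces_for_file([0xA1, 0xB2, 0xC3, 0xD4], 10_000, 4096).unwrap();
    let unique: HashSet<_> = nonces.iter().collect();
    println!("{} chunks, {} distinct nonces", nonces.len(), unique.len());
}
```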