Add ChaCha support for basic security #2
Comments
|
Further to my comments on discord (hi!), since you're also using circuitpython, this might be compatible: https://pycryptodome.readthedocs.io/en/latest/src/cipher/chacha20_poly1305.html That said, I have little experience with circuitpython and the requirements thereof. |
|
Hi @AshleyPinner! Thanks for the link. I don't think we have any base64 support so that may make it difficult. Can ChaCha work if some messages are missed? Thanks! |
|
base64 is reasonably easy to do in python even if you can't lib it. It's mostly used for encoding of the binary data in a more efficient way than just hex. As for ChaCha, I think it's all or nothing to decrypt, but one assumes you'd be sending lots of small messages. Since it's not a block cipher, the length of input is the length of output (with the mac added on top), so you shouldn't have to worry about loss of messages; you just encapsulate every message in one set of key + nonce, get encrypted + mac, send nonce + encrypted + mac. If that packet fails to arrive, then it's a missed message, but no partial decrypt problems :) At least, that's a combination of my understanding and hopefully reading the question right :) |
|
@tannewt we might want to consider adding base64 as it's pretty common, especially with web/http stuff (or at least it was last I looked) |
|
I think I confused myself. While we don't have base64 support, we do have binascii: https://github.com/adafruit/circuitpython/blob/master/extmod/modubinascii.c#L246 @AshleyPinner I think you read it right. I was worried about missed messages but it seems like it'd be ok. I just don't know enough about encryption to understand the impact of it. |
|
Don't the nRF52840's have some stuff builtin to accelerate AES? Is that supported/exposed? Actually AES might be a touch "lumpy" with its 128 bit blocksize? |
|
We just added an |
|
There's an LGPL 2.1 Python implementation of ChaCha20 in https://github.com/tomato42/tlslite-ng/blob/master/tlslite/utils/chacha.py - I just tested it against some data in RFC 8439 and it looks good. The nonce is 12 bytes so depending on how this is used the data might not always be as small as is hoped. I'm going to repeat parts of the nonce and key to shrink them down for my application as I'm just using it for fun. |
|
On the subject of AES being lumpy, here's a cautionary tale about using it and converting it to a stream cipher with more bulk from an IV: https://www.secura.com/blog/zero-logon |
http://cr.yp.to/chacha.html
https://rweather.github.io/arduinolibs/classChaChaPoly.html
Thanks to KittyAshley on Discord for the idea.
The text was updated successfully, but these errors were encountered: