Migrate to a cross-platform, well-established crypto library #23
Comments
The manual version seems to work, even if just in the intermediate step.
With 41594ec the core parts now fully work with libsodium only. Also we can drop both
Just realized that libsodium crypto-box automatically signs the messages that it encrypts. While we might want to do that from journalist->source, we probably do not want that on submission, as it provides non-repudiability, which in the case of a source is not a desirable property.
I have ported the server to OpenResty, using https://gist.github.com/lsd-cat/721313dc54578f04553ffa9c39852f9d
Completed with #24. Sample OpenResty server will be added to the repo soon.
Currently we are using python-ecdsa for the DH operations, while we are using libsodium for the symmetric encryption. We originally chose a native Python library so that we could edit and debug the crypto primitives. With the recent changes, and the protocol now using only established and available primitives, we should be able to use libsodium (or even OpenSSL) only.
A lot of porting is already in the libsodium-only branch.
Currently, the message fetching mechanism does not work: I tried to implement it using only the higher level functions in the following way:
However, the comparison returns False, meaning that the server and the fetching party are currently not able to compute the same shared secret. It may be worth investigating why, or trying to implement the mechanism using the lower level crypto_scalarmult().

Edit: it is probably because the result of the multiplication is hashed or expanded (along with other parameters) before being used in Box, losing the commutative property of DH.
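
The commutativity point raised in the edit above, as an added example that is not part of the original issue or the project's code: raw X25519 scalar multiplication gives the same result whichever party multiplies first, while hashing the intermediate value does not. The party names and keys are hypothetical, and SHA-256 stands in for the HSalsa20 step that libsodium's crypto_box key derivation applies to the X25519 output.

```python
import hashlib

P, A24 = 2**255 - 19, 121665
BASE = (9).to_bytes(32, "little")  # standard X25519 base point

def x25519(k: bytes, u: bytes) -> bytes:
    """RFC 7748 scalar multiplication (readable, not constant-time)."""
    s = bytearray(k)
    s[0] &= 248                      # clamp the scalar as RFC 7748 requires
    s[31] = (s[31] & 127) | 64
    n = int.from_bytes(s, "little")
    x1 = int.from_bytes(u, "little") & ((1 << 255) - 1)
    x2, z2, x3, z3, swap = 1, 0, x1, 1, 0
    for t in reversed(range(255)):   # Montgomery ladder
        bit = (n >> t) & 1
        if swap ^ bit:
            x2, x3, z2, z3 = x3, x2, z3, z2
        swap = bit
        a, b = (x2 + z2) % P, (x2 - z2) % P
        aa, bb = a * a % P, b * b % P
        e = (aa - bb) % P
        da, cb = (x3 - z3) * a % P, (x3 + z3) * b % P
        x3, z3 = (da + cb) ** 2 % P, x1 * (da - cb) ** 2 % P
        x2, z2 = aa * bb % P, e * (aa + A24 * e) % P
    if swap:
        x2, z2 = x3, z3
    return (x2 * pow(z2, P - 2, P) % P).to_bytes(32, "little")

def kdf(secret: bytes) -> bytes:
    # Assumption: SHA-256 as a stand-in for the hash applied to the DH output.
    return hashlib.sha256(secret).digest()

def key(label: str) -> bytes:
    # Constructed, deterministic test scalar (not a real key).
    return hashlib.sha256(label.encode()).digest()

A, B = key("party-a"), key("party-b")   # hypothetical secret scalars
Q = x25519(key("third-party"), BASE)    # hypothetical third public key

def raw_commutes() -> bool:
    # a*(b*Q) versus b*(a*Q) with the unhashed primitive
    return x25519(A, x25519(B, Q)) == x25519(B, x25519(A, Q))

def hashed_commutes() -> bool:
    # Same two orders, but each intermediate is hashed before reuse
    return x25519(A, kdf(x25519(B, Q))) == x25519(B, kdf(x25519(A, Q)))

if __name__ == "__main__":
    print("raw:", raw_commutes(), "hashed:", hashed_commutes())
```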