Re: [openpgp] Request on Adding ChaCha20-Poly1305 to the OpenPGP Standardization

Werner Koch <wk@gnupg.org> Thu, 16 April 2020 05:10 UTC

Return-Path: <wk@gnupg.org>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F20A23A0DE0 for <openpgp@ietfa.amsl.com>; Wed, 15 Apr 2020 22:10:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=gnupg.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CwQRM8MSOQCy for <openpgp@ietfa.amsl.com>; Wed, 15 Apr 2020 22:10:11 -0700 (PDT)
Received: from kerckhoffs.g10code.com (kerckhoffs.g10code.com [IPv6:2001:aa8:fff1:100::22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 94E663A0DDF for <openpgp@ietf.org>; Wed, 15 Apr 2020 22:10:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=gnupg.org; s=20181017; h=Content-Type:MIME-Version:Message-ID:In-Reply-To:Date: References:Subject:Cc:To:From:Sender:Reply-To:Content-Transfer-Encoding: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=W/9vj5PqT65mi1PyX3YP2cfbrnb+JRLhXLOuUDNi300=; b=B0DOwNMcksqUMOdknXEmV/8+qV 458TYnAtSCCcy/EntFZyGMGXJUAA3K5bOHU3PWG41xLuW0FXnHQo680al4LLUYnwb2enJTi5ViKx4 74Fh6/Yu9mSXPMTxs4ZaFYpiRqC9QSnbjFtPzzc3GlDvARBVesnnyBi6UDPLRuAY2sRA=;
Received: from uucp by kerckhoffs.g10code.com with local-rmail (Exim 4.89 #1 (Debian)) id 1jOwmv-0006gt-2r for <openpgp@ietf.org>; Thu, 16 Apr 2020 07:10:09 +0200
Received: from wk by wheatstone.g10code.de with local (Exim 4.92 #5 (Debian)) id 1jOwmN-0002d5-NK; Thu, 16 Apr 2020 07:09:35 +0200
From: Werner Koch <wk@gnupg.org>
To: "Tanveer.Salim" <Tanveer.Salim=40protonmail.com@dmarc.ietf.org>
Cc: "openpgp\@ietf.org" <openpgp@ietf.org>, "Tanveer.Salim" <Tanveer.Salim@protonmail.com>
References: <j9dQb5ZX4J72RggcAWKiafQOwaDebpEJnA2j3Yks5ahI9kNECdscL9nGmyP-wzXN7UY5Gtc4w_HjsaJHX3IUf8xBbCJv38JtOYQgr0GNGX0=@protonmail.com>
Organisation: GnuPG e.V.
X-message-flag: Mails containing HTML will not be read! Please send only plain text.
Mail-Followup-To: "Tanveer.Salim" <Tanveer.Salim=40protonmail.com@dmarc.ietf.org>, "openpgp\@ietf.org" <openpgp@ietf.org>, "Tanveer.Salim" <Tanveer.Salim@protonmail.com>
Date: Thu, 16 Apr 2020 07:09:30 +0200
In-Reply-To: <j9dQb5ZX4J72RggcAWKiafQOwaDebpEJnA2j3Yks5ahI9kNECdscL9nGmyP-wzXN7UY5Gtc4w_HjsaJHX3IUf8xBbCJv38JtOYQgr0GNGX0=@protonmail.com> (Tanveer Salim's message of "Wed, 15 Apr 2020 17:53:31 +0000")
Message-ID: <87y2qw6mph.fsf@wheatstone.g10code.de>
User-Agent: Gnus/5.13 (Gnus v5.13)
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=Salmonella_Ammonium_nitrate_SAFE_Recce_Arellano-Felix_Mayfly_Jet_Sle"; micalg=pgp-sha256; protocol="application/pgp-signature"
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/Ki9N6Qf1L3WJmlV938NRWMM8Jc8>
Subject: Re: [openpgp] Request on Adding ChaCha20-Poly1305 to the OpenPGP Standardization
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 16 Apr 2020 05:10:15 -0000

On Wed, 15 Apr 2020 17:53, Tanveer.Salim said:

> issues with adding ChaCha20-Poly1305. Political in the sense that many
> implementations will be offended if the switch was made from AES to
> ChaCha20-Poly1305. I am not saying we should necessarily switch the

Well, that was not exactly my point.  With political I meant that we had
to add a couple of algorithms to please some countries or make it
possible for them to use OpenPGP.  That is for example the case for
Camellia, the Brainpool and NIST curves.

> According to the Autocrypt website, it would be great if Argon2 and
> SCrypt key derivation functions to OpenPGP as well. But Autocrypt

Well, we are doing public key crypto and thus passwords are not of
primary interest.  If OpenPGP is used with symmetric-only encryption I
expect that a full-entropy key is used and thus the KDF is not used for
security reasons.


Shalom-Salam,

   Werner

-- 
Die Gedanken sind frei.  Ausnahmen regelt ein Bundesgesetz.