Re: [openpgp] Request on Adding ChaCha20-Poly1305 to the OpenPGP Standardization

Paul Wouters <paul@nohats.ca> Wed, 15 April 2020 23:03 UTC

Return-Path: <paul@nohats.ca>
X-Original-To: openpgp@ietfa.amsl.com
Delivered-To: openpgp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4607F3A0CB0 for <openpgp@ietfa.amsl.com>; Wed, 15 Apr 2020 16:03:53 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Level:
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=nohats.ca
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ps8WppYhYhNL for <openpgp@ietfa.amsl.com>; Wed, 15 Apr 2020 16:03:51 -0700 (PDT)
Received: from mx.nohats.ca (mx.nohats.ca [IPv6:2a03:6000:1004:1::68]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 5B3F23A0CAE for <openpgp@ietf.org>; Wed, 15 Apr 2020 16:03:51 -0700 (PDT)
Received: from localhost (localhost [IPv6:::1]) by mx.nohats.ca (Postfix) with ESMTP id 492dFc3ZWjzG6n; Thu, 16 Apr 2020 01:03:48 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nohats.ca; s=default; t=1586991828; bh=OfaSvm4xtyQ9uHEXZNy84Jd2IcM010BV6TIDSu+2STc=; h=From:Subject:Date:References:Cc:In-Reply-To:To; b=d2fCQiARhLJuRsyLn4Kao6BL+KwYyyToN0LKz3r65+TTZyDb8ur6//JLPNqRpEe2t nn0QE3UjSn5pp8LYVJmIj0UDiKTys5ZbHPsHbuSY36eMKymZT5+MVcL/cLNoEQt7Lp rHMhqkbs/Fqc+UR9ci4bmqDI34wPUfFisC7N9cLw=
X-Virus-Scanned: amavisd-new at mx.nohats.ca
Received: from mx.nohats.ca ([IPv6:::1]) by localhost (mx.nohats.ca [IPv6:::1]) (amavisd-new, port 10024) with ESMTP id KAOEsF6cOiiA; Thu, 16 Apr 2020 01:03:47 +0200 (CEST)
Received: from bofh.nohats.ca (bofh.nohats.ca [76.10.157.69]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx.nohats.ca (Postfix) with ESMTPS; Thu, 16 Apr 2020 01:03:47 +0200 (CEST)
Received: from [193.111.228.74] (unknown [193.111.228.74]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by bofh.nohats.ca (Postfix) with ESMTPSA id 587F6601EBCB; Wed, 15 Apr 2020 19:03:43 -0400 (EDT)
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
From: Paul Wouters <paul@nohats.ca>
Mime-Version: 1.0 (1.0)
Date: Wed, 15 Apr 2020 19:03:42 -0400
Message-Id: <719834C6-3421-4E7E-98D6-8CEDDDD71246@nohats.ca>
References: <UW0DHeR2Gnu_wyh5Kxnt1MiZZ9IuZkDrBgE_plRe00lciWdx48zwGCfy3mH1JvXoUE6w7nM2EhGytyNTJ_TW2U7QlYyxLetjhbq430UFJP0=@protonmail.com>
Cc: "Tanveer.Salim" <Tanveer.Salim@protonmail.com>, "openpgp@ietf.org" <openpgp@ietf.org>
In-Reply-To: <UW0DHeR2Gnu_wyh5Kxnt1MiZZ9IuZkDrBgE_plRe00lciWdx48zwGCfy3mH1JvXoUE6w7nM2EhGytyNTJ_TW2U7QlYyxLetjhbq430UFJP0=@protonmail.com>
To: Bart Butler <bartbutler@protonmail.com>
X-Mailer: iPhone Mail (17D50)
Archived-At: <https://mailarchive.ietf.org/arch/msg/openpgp/zhQV4rZ53-IKZ416g8mCvW1g6GQ>
Subject: Re: [openpgp] Request on Adding ChaCha20-Poly1305 to the OpenPGP Standardization
X-BeenThere: openpgp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Ongoing discussion of OpenPGP issues." <openpgp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/openpgp>, <mailto:openpgp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/openpgp/>
List-Post: <mailto:openpgp@ietf.org>
List-Help: <mailto:openpgp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/openpgp>, <mailto:openpgp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Apr 2020 23:03:54 -0000

On Apr 15, 2020, at 18:21, Bart Butler <bartbutler=40protonmail.com@dmarc.ietf.org> wrote:
> 
> 
> What this means is that we'd never be able to "drop" AES--the best we could do is add ChaCha and wait for the major implementations to add it. This would in turn delay the cryptographic refresh of OpenPGP by even more, introduce more opportunities for incompatibilities between implementations, and increase the algorithm bloat of OpenPGP for a minor speed and security benefit, and, because OpenPGP messages last forever, it would obligate that support to continue for the next several decades. It does not seem worth it to me, at least at this time.

I wholeheartedly agree with this statement.

Paul