The library is openssl and that comes with all these ciphers available. No other reason than because we can!
I wish AES-GCM was available...but openssl can't do it on its own without further dependencies to parse the authentication correctly.
Really this whole layer is complelty redundant actually. It's already E2EE without openssl via Tor. I like that it's encrypted before I hit the network pipe though.
If a library doesn't do what you need, you need a different library, but this is impossible from a short bash script, so it's one of the tradeoffs of your design.
Then maybe your scientists should spend some time to stop and consider whether they should ;)
But seriously, I'd just limit this to one option on the selection side, even if you continue supporting more than that at the protocol level for cryptographic agility.
I would rather avoid cipher fixation. Give me thousands of protocol / cipher / mac / mode combinations. Fixation only benefits nations wanting to crack something.
Adding to that, cryptography is just mathematical obfuscation and often repeated here is that security through obscurity is not security at all. I will stick with my own principals of not fixating on a cipher. The only people that benefit are lazy spooks.
Rather than what is accepted as the strongest ciphers I prefer ciphers not optimized by CPU's and GPU's. Spooks will have to cycle through every combination of protocol + cipher + mac + mode + passphrase + whatever other obfuscation I shim inside that tunnel. Keep 'em on their toes. Even better I will also cycle through these encoding methods [1] if I am in a good mood otherwise I will rot13 their ass and then force them to use a Drogan’s Decoder Wheel.
The library is openssl and that comes with all these ciphers available. No other reason than because we can!
I wish AES-GCM was available...but openssl can't do it on its own without further dependencies to parse the authentication correctly.
Really this whole layer is complelty redundant actually. It's already E2EE without openssl via Tor. I like that it's encrypted before I hit the network pipe though.
>No other reason than because we can!
great attitude for approximately everything except, perhaps, cryptography.
especially since the initial encryption is mostly redundant, i would encourage that you, at some point, consider reducing the number of ciphers.
If a library doesn't do what you need, you need a different library, but this is impossible from a short bash script, so it's one of the tradeoffs of your design.
> No other reason than because we can!
Then maybe your scientists should spend some time to stop and consider whether they should ;)
But seriously, I'd just limit this to one option on the selection side, even if you continue supporting more than that at the protocol level for cryptographic agility.
I don't see the issue. "Anything that openssl actively supports" plus providing a default seems like an extremely reasonable stance to take.
3 replies →
I would rather avoid cipher fixation. Give me thousands of protocol / cipher / mac / mode combinations. Fixation only benefits nations wanting to crack something.
2 replies →
I think that's great. Cipher fixation is a vulnerability as the enemy knows what to attack.
This understanding of cryptography is so outdated that we don't even have a color photograph of the person first refuting it: https://en.wikipedia.org/wiki/Kerckhoffs%27s_principle
Adding to that, cryptography is just mathematical obfuscation and often repeated here is that security through obscurity is not security at all. I will stick with my own principals of not fixating on a cipher. The only people that benefit are lazy spooks.
Rather than what is accepted as the strongest ciphers I prefer ciphers not optimized by CPU's and GPU's. Spooks will have to cycle through every combination of protocol + cipher + mac + mode + passphrase + whatever other obfuscation I shim inside that tunnel. Keep 'em on their toes. Even better I will also cycle through these encoding methods [1] if I am in a good mood otherwise I will rot13 their ass and then force them to use a Drogan’s Decoder Wheel.
[1] - https://github.com/qntm/base2048
1 reply →