ChaCha20/Poly1305 in OpenSSL?

Discussion:

Jeffrey Walton

2014-04-25 21:22:36 UTC

According to http://googleonlinesecurity.blogspot.com/2014/04/speeding-up-and-strengthening-https.html:

To make this happen, [we] began implementing new algorithms --
ChaCha 20 for symmetric encryption and Poly1305 for
authentication -- in OpenSSL and NSS in March 2013.

But I have not been able to find its trail:

$ cd openssl-git
$ git pull
Already up-to-date.
$ grep -R -i chacha *
$ grep -R -i poly1305 *
$

Where are the new cipher suites located in OpenSSL?

Thanks in advance.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users-MCmKBN63+***@public.gmane.org
Automated List Manager majordomo-MCmKBN63+***@public.gmane.org

Piotr Sikora

2014-04-25 22:36:08 UTC

Permalink

Hey,

Post by Jeffrey Walton
$ cd openssl-git
$ git pull
Already up-to-date.
$ grep -R -i chacha *
$ grep -R -i poly1305 *
$
Where are the new cipher suites located in OpenSSL?

$ git checkout 1.0.2-aead

They are there... Just not merged into mainline. I would be also
interested in knowing whether there is any ETA for that.

Best regards,
Piotr Sikora
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users-MCmKBN63+***@public.gmane.org
Automated List Manager majordomo-MCmKBN63+***@public.gmane.org

Jeffrey Walton

2014-10-07 17:07:51 UTC

Permalink

Post by Piotr Sikora

Post by Jeffrey Walton
$ cd openssl-git
$ git pull
Already up-to-date.
$ grep -R -i chacha *
$ grep -R -i poly1305 *
$
Where are the new cipher suites located in OpenSSL?

$ git checkout 1.0.2-aead
They are there... Just not merged into mainline. I would be also
interested in knowing whether there is any ETA for that.

I just checked the dev branch again, and I did not see them.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users-MCmKBN63+***@public.gmane.org
Automated List Manager majordomo-MCmKBN63+***@public.gmane.org

Matt Caswell

2014-10-07 19:42:26 UTC

Permalink

Post by Jeffrey Walton

Post by Piotr Sikora

Post by Jeffrey Walton
$ cd openssl-git
$ git pull
Already up-to-date.
$ grep -R -i chacha *
$ grep -R -i poly1305 *
$
Where are the new cipher suites located in OpenSSL?

$ git checkout 1.0.2-aead
They are there... Just not merged into mainline. I would be also
interested in knowing whether there is any ETA for that.

I just checked the dev branch again, and I did not see them.

The particular branch in question is not current:
http://marc.info/?l=openssl-dev&m=140189910129029&w=2

The spec still appears to be moving. I note the date on this is only 6
weeks old:
https://datatracker.ietf.org/doc/draft-irtf-cfrg-chacha20-poly1305

Matt
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users-MCmKBN63+***@public.gmane.org
Automated List Manager majordomo-MCmKBN63+***@public.gmane.org

Salz, Rich

2014-10-07 19:44:52 UTC

Permalink

The spec still appears to be moving. I note the date on this is only 6 weeks
https://datatracker.ietf.org/doc/draft-irtf-cfrg-chacha20-poly1305

The spec is done. That was a minor update, as I recall. But it's in last call state right now. My money's on quick adoption as soon as the various IETF timers run out.

/r$
--
Principal Security Engineer, Akamai Technologies
IM: ***@jabber.me Twitter: RichSalz
��H��7��m��
)z{,��RǫJ�i��Lj)b��)z{,��M��B���&jw��