http://cr.yp.to/chacha.html
https://rweather.github.io/arduinolibs/classChaChaPoly.html
Thanks to KittyAshley on Discord for the idea.
AshleyPinner commented on Feb 27, 2020
Further to my comments on Discord (hi!), since you're also using CircuitPython, this might be compatible: https://pycryptodome.readthedocs.io/en/latest/src/cipher/chacha20_poly1305.html
That said, I have little experience with CircuitPython and the requirements thereof.
tannewt commented on Mar 3, 2020
Hi @AshleyPinner! Thanks for the link. I don't think we have any base64 support so that may make it difficult.
Can ChaCha work if some messages are missed? Thanks!
AshleyPinner commented on Mar 11, 2020
base64 is reasonably easy to do in Python even if you can't lib it. It's mostly used for encoding of the binary data in a more efficient way than just hex.
As for ChaCha, I think it's all or nothing to decrypt, but one assumes you'd be sending lots of small messages. Since it's not a block cipher, the length of input is the length of output (with the mac added on top), so you shouldn't have to worry about loss of messages; you just encapsulate every message in one set of key + nonce, get encrypted + mac, send nonce + encrypted + mac. If that packet fails to arrive, then it's a missed message, but no partial decrypt problems :)
At least, that's a combination of my understanding and hopefully reading the question right :)
siddacious commented on Mar 11, 2020
@tannewt we might want to consider adding base64 as it's pretty common, especially with web/http stuff (or at least it was last I looked)
tannewt commented on Mar 12, 2020
I think I confused myself. While we don't have base64 support, we do have binascii: https://github.com/adafruit/circuitpython/blob/master/extmod/modubinascii.c#L246
@AshleyPinner I think you read it right. I was worried about missed messages but it seems like it'd be ok. I just don't know enough about encryption to understand the impact of it.
kevinjwalters commented on May 14, 2020
Don't the nRF52840s have some stuff built in to accelerate AES? Is that supported/exposed?
Actually AES might be a touch "lumpy" with its 128-bit block size?
tannewt commented on May 14, 2020
We just added an `aesio` module that is currently software implemented. It'd be cool to use the hardware for it but we don't have immediate plans to add it.
kevinjwalters commented on Jul 4, 2020
There's an LGPL 2.1 Python implementation of ChaCha20 in https://github.com/tomato42/tlslite-ng/blob/master/tlslite/utils/chacha.py - I just tested it against some data in RFC 8439 and it looks good.
The nonce is 12 bytes so depending on how this is used the data might not always be as small as is hoped. I'm going to repeat parts of the nonce and key to shrink them down for my application as I'm just using it for fun.
kevinjwalters commented on Oct 13, 2020
On the subject of AES being lumpy, here's a cautionary tale about using it and converting it to a stream cipher with more bulk from an IV: https://www.secura.com/blog/zero-logon