From: Wladimir Palant
To: Henri Sivonen
Date: Mon, 3 Jul 2017 21:16:35 +0200
Cc: obnam-dev@obnam.org
Subject: Re: [rfc] Passphrase-based encryption

On 03.07.2017 20:29, Henri Sivonen wrote:
> If you don't need AES specifically, you can find an XSalsa20+Poly1305
> implementation at:
> https://github.com/hsivonen/obnam/compare/salsa?expand=1

Interesting, thank you for sharing. This is way more advanced than my quick and dirty plugin of course.

> I haven't had the time to write proper unit tests, benchmarks or docs,
> which is why I haven't tried upstreaming it.

Unfortunately, I assume that the arguments against upstreaming my solution apply to yours just as well - so even with tests, benchmarks and docs it won't get accepted.

> Probably more important than letting users tweak the key size is to
> make sure that the AEAD construction is good and suitable for use with
> a randomly-generated nonce for the amount of data one would expect to
> encrypt using Obnam. I don't know if CFB fits this, but
> XSalsa20+Poly1305 or XChaCha20+Poly1305 should (the non-X variants of
> Salsa20 and ChaCha20 *don't*).
CFB uses initialization vectors (randomly generated for each file in my case) which I think serve a similar purpose. But I'm not really familiar with either Salsa20 or ChaCha20 so I would be grateful if you could expand. What kind of issues is this about?

Are you implying that these algorithms would be better performance-wise? I don't really know how they compare to AES but at least for me the performance is clearly limited by the uplink and not by the CPU. In other scenarios it could be completely different of course.

regards
Wladimir
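
The point in the quoted text about randomly generated nonces and the amount of data encrypted comes down to the birthday bound on nonce collisions under a single key. The sketch below is an added example, not part of the original message or of either author's code; the nonce widths are properties of the ciphers, while the 2^-32 risk budget and the model of one random nonce per encrypted object are assumptions.

```python
import math
import random

# Nonce/IV widths in bits. These are properties of the ciphers, not values
# taken from the thread.
NONCE_BITS = {
    "Salsa20 / original ChaCha20": 64,
    "AES-CFB IV (one AES block)": 128,
    "XSalsa20 / XChaCha20": 192,
}

def collision_probability(nonce_bits, messages):
    """Birthday approximation: chance that any two of `messages` uniformly
    random nonces of `nonce_bits` bits coincide under one key."""
    pairs = messages * (messages - 1) / 2
    return -math.expm1(-pairs / 2.0 ** nonce_bits)  # expm1 keeps tiny values

def max_messages(nonce_bits, risk_log2=-32):
    """Largest message count whose collision risk stays below 2**risk_log2
    (the -32 default is an assumed risk budget)."""
    return int(2 ** ((nonce_bits + 1 + risk_log2) / 2))

def simulate(nonce_bits, messages, trials=2000, seed=1):
    """Empirical check of the formula on a deliberately tiny nonce space."""
    rng = random.Random(seed)
    hits = 0
    for _ in range(trials):
        nonces = {rng.getrandbits(nonce_bits) for _ in range(messages)}
        hits += len(nonces) < messages
    return hits / trials

if __name__ == "__main__":
    for name, bits in NONCE_BITS.items():
        print(f"{name:30} {bits:3}-bit: under 2^-32 risk up to "
              f"{max_messages(bits):.3e} messages; "
              f"P(collision at 2^32 messages) = "
              f"{collision_probability(bits, 2**32):.3e}")
    print("16-bit toy nonce, 300 messages:",
          f"formula {collision_probability(16, 300):.3f},",
          f"simulated {simulate(16, 300):.3f}")
```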