3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-31 01:47:33 +02:00
Code Issues Projects Releases Packages Wiki Activity
pomerium/internal/cryptutil/README.md
Bobby DeSimone d56c889224
initial release
2019-01-02 12:13:36 -08:00

1.8 KiB
Raw Blame History

Generating random seeds

In order of preference:

  • head -c32 /dev/urandom | base64
  • openssl rand -base64 32 | head -c 32 | base64

Encrypting data

TL;DR -- Nonce reuse is a problem. AEAD isn't a clear choice right now.

Miscreant

  • AES-GCM-SIV seems to have ideal properties
  • random nonces

nacl/secretbot

  • Fast
  • XSalsa20 wutg Poly1305 MAC provides encryption and authentication together
  • A newer standard and may not be considered acceptable in environments that require high levels of review. -/+ maintained as an /x/ package
  • doesn't use the underlying cipher.AEAD api.

GCM with random nonces

  • Fastest
  • Go standard library, supported by google $
  • Easy to get wrong
  • IV reuse is a known weakness so keys must be rotated before birthday attack. NIST SP 800-38D recommends using the same key with random 96-bit nonces (the default nonce length) no more than 2^32 times

Further reading on tradeoffs: