[messaging] Secure OpenPGP Key Pair Synchronization via IMAP (RFC)

Tankred Hase tankred at whiteout.io
Wed Apr 8 08:47:30 PDT 2015

Hi David,

thanks for the quick feedback.

> Quite nice. I'd be inclined to support something like it. Strongly suggest,
> however, that you specify either
> - (1) some variant of Scrypt
> - (2) one of the PHC R2 competitors Lyra2 or Catena.
> If (1), I'd suggest Scrypt(hash=HChaCha20, kdf=Shake255)

This was also Cure53's suggestion, but we decided to go with PBKDF2-SHA256 and AES-GCM for version 1 of the protocol due to performance constraints e.g. in the iOS WebView.

It would totally make sense to have an scrypt based option for version 2 though.

> I'll -- in the next couple of weeks -- be making available a PNaCl
> implementation of this. It can also be implemented efficiently in JS,
> though the only published correct implementation of Shake I know of
> compiles coruus/keccak-tiny via Emscripten...

Cool. Unfortunately we can't use PNaCl since our app has to run on iOS, Android and Windows Runtime as well as Chrome. But there is an emscripten port called js-nacl if I recall correctly.


Sent from Whiteout Mail - https://whiteout.io

My PGP key: https://keys.whiteout.io/tankred@whiteout.io
Whiteout Networks GmbH c/o Werk1
Grafinger Str. 6
D-81671 München
Geschäftsführer: Oliver Gajek
RG München HRB 204479
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 528 bytes
Desc: not available
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20150408/82872f5b/attachment.sig>

More information about the Messaging mailing list