> On Jan 12, 2022, at 9:22 AM, Kenton Varda <[email protected]> wrote:
>
> Sorry for the long delay in replying, I had a baby the day you sent this!
Congratulations! 🎉 I remember those days...
> This is neat! How many round trips are needed to set up a connection?
There are four messages: C->S, S->C, C->S, S->C. In the current implementation
they happen one at a time, so I guess that’s two round trips? But it looks as
though messages 1 & 2 can be sent concurrently, and also 3 & 4.
I dimly recall that there are some additional TCP hacks one can do, to
piggyback a small payload on the initial packets that open the connection, but
I don’t feel like cracking open TCP/IP Illustrated right now :-p
> Hmm if you're using a plain xsalsa20 stream and not secret boxes, does that
> mean you're implementing only encryption, not authentication? Note that
> XSalsa20 and related ciphers work by generating a random stream, and then
> XORing it with the plaintext. So although the attacker can't decrypt the
> bytes, they can flip individual bits in the ciphertext and this will result
> in the same bit being flipped in the plaintext.
Yeah, there are no integrity checks in the data stream, and I agree that’s a
weakness*. Adding MACs requires adding a block- or message-oriented layer on
top, like SecretBox, the way that Scuttlebutt does. This feels like redundant
effort since Cap’nP also is itself message-oriented; my guess is that there’s a
higher level API inside Cap’nP that exposes the message framing, and the MAC
could be added there, but I have not yet delved deeper into the way Cap’nP
works. (Hints welcome.)
(Or if there’s a clever stream-based way to insert MACs without having to build
a framing layer, that would be even better. I’ve read my share of crypto
textbooks, maybe I’ve just forgotten that bit.)
—Jens
* I should probably call this out in the readme, shouldn’t I.
--
You received this message because you are subscribed to the Google Groups
"Cap'n Proto" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To view this discussion on the web visit
https://groups.google.com/d/msgid/capnproto/D78A1434-B928-43D4-951D-5CFA2E021B8E%40mooseyard.com.
