Author: Jonas Schnelli 2018-09-03 12:16:19
Published on: 2018-09-03T12:16:19+00:00
The author of the BIP151 implementation has proposed an updated specification with significant changes. They are unsure whether to publish it under a new BIP number or modify the existing proposal. The existing BIP151 implementation from BCoins has been removed, and the only known implementation is from Armory. The major changes in the updated specification include a pure 32-byte per-side pseudorandom key exchange before any other communication, removal of the multi-message envelope, a new NODE_ENCRYPTED service bit, specific key derivation and communication direction, and a 3-byte integer for packet length. Short-command IDs have also been introduced to reduce bandwidth usage. Rekeying can now be signaled through the most significant bit in the packet-size field without requiring a message.Additionally, the author is considering adding the Hybrid NewHope key exchange to make the encryption PQ safe with little cost. This approach follows TOR's approach and uses a NewHope key-exchange. There is a straightforward implementation available from the NewHope team that has been submitted to NIST PQC project. The author is also exploring the inefficiency of ChaCha20Poly1305 at openssh, which uses at least three rounds of ChaCha20 that could eventually be reduced to two.
Updated on: 2023-05-20T17:40:11.439751+00:00