I'll try to answer some of your questions.
On Tue, Aug 12, 2008 at 9:12 AM, Hal Finney, PGP Corporation
<hal.f...@gmail.com> wrote:
>
> Hi Steve - A couple of comments on the crypto:
>
>> - Symmetric Encryption uses 128-bit AES-CBC with PKCS#5 padding.
>
> What about the choice of the IV? How is that done?
The IV bytes are randomly generated.
>
>> All
>> ciphertexts are signed with a 256-bit HMAC-SHA1 key. 192-bit and 256-
>> bit keys are also supported.
>
> I think there is a typo here, 256 appears twice. I would suggest that
> you bypass SHA1 and go to SHA256. The margin of safety of SHA1 is
> getting uncomfortably low.
The 192-bit and 256-bit key options refer to the size of the AES key,
not the HMAC key used to sign the AES ciphertext. The default length
for AES keys is 128 bits. Currently the only available length of HMAC
keys is 256 bits.
>
> Also, does "all ciphertexts" include public key encrypted + signed
> data? Using a MAC there would be redundant.
No, we only attach an HMAC sig for symmetric encryption (i.e. to AES
ciphertexts).
It's not just Java oriented. We currently have both a Java and Python
implementation of Keyczar. We're planning to develop and release a C++
version soon as well.
>
> Hal Finney
> PGP Corporation
Thanks for your comments and welcome to the project!
--Arkajit
"Nothing is really work unless you would rather be doing something
else." - J.M. Barrie
"The outcome of any serious research can only be to make two questions
grow where only one grew before." - T. Veblen
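
Added example, not part of the original thread and not Keyczar code: the scheme described above (AES-128-CBC with a random IV and PKCS#5 padding, plus an HMAC-SHA1 tag under a 256-bit key, checked before decryption) written against Node's built-in crypto module. The IV || ciphertext || tag layout, the MAC covering the IV, and the names generateKeys, seal and unseal are assumptions made for illustration; Keyczar's actual message format is not shown in this thread.

```javascript
// Added example; not Keyczar code. Layout IV || ciphertext || tag is assumed.
const nodeCrypto = require('node:crypto');

const IV_LEN = 16;    // AES block size in bytes
const BLOCK_LEN = 16; // smallest possible CBC ciphertext (one padded block)
const TAG_LEN = 20;   // HMAC-SHA1 output size in bytes

function generateKeys() {
  return {
    aesKey: nodeCrypto.randomBytes(16),  // 128-bit AES key, the default in the thread
    hmacKey: nodeCrypto.randomBytes(32), // 256-bit HMAC key
  };
}

function seal(keys, plaintext) {
  const iv = nodeCrypto.randomBytes(IV_LEN); // fresh random IV for every message
  const cipher = nodeCrypto.createCipheriv('aes-128-cbc', keys.aesKey, iv);
  // Node pads with PKCS#7, which is identical to PKCS#5 for 16-byte blocks.
  const ct = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const body = Buffer.concat([iv, ct]);
  // Assumption: the tag covers the IV as well as the ciphertext.
  const tag = nodeCrypto.createHmac('sha1', keys.hmacKey).update(body).digest();
  return Buffer.concat([body, tag]);
}

function unseal(keys, message) {
  if (message.length < IV_LEN + BLOCK_LEN + TAG_LEN) {
    throw new Error('message too short');
  }
  const body = message.subarray(0, message.length - TAG_LEN);
  const tag = message.subarray(message.length - TAG_LEN);
  const expected = nodeCrypto.createHmac('sha1', keys.hmacKey).update(body).digest();
  // Check the tag in constant time and refuse to decrypt on mismatch, so
  // padding errors from modified ciphertext are never exposed to the caller.
  if (!nodeCrypto.timingSafeEqual(tag, expected)) {
    throw new Error('bad MAC');
  }
  const iv = body.subarray(0, IV_LEN);
  const decipher = nodeCrypto.createDecipheriv('aes-128-cbc', keys.aesKey, iv);
  return Buffer.concat([decipher.update(body.subarray(IV_LEN)), decipher.final()]);
}
```
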
Would you be interested in also adding a Javascript version of the
libraries to the keyczar project?
If this is the case, Clipperz has already implemented many of the core
crypto algorithms in Javascript and would be very pleased to
investigate how to contribute the code to the keyczar project, as we
are very interested in processing the data in a highly interoperable
way.
If this sounds interesting, just let me know.
Best regards,
Giulio Cesare
On Tue, Aug 12, 2008 at 7:30 PM, Arkajit Dey <arkaj...@gmail.com> wrote:
>
> [...]
On Wed, Aug 13, 2008 at 2:51 AM, Steve Weis <stev...@gmail.com> wrote:
>
> Hi Giulio. Yes, I'm very interested in building a Keyczar
> implementation on top of Clipperz or other Javascript libraries.
Great!!
> One idea I had was to keep the actual key files in Google Gears. Then you
> can pretty much do everything within the browser.
Why not just store all the key files on a hosting service encrypted
with a master passphrase?
I am very skeptical about requiring custom plug-ins, as this would
reduce dramatically the convenience of the system; but if you already
have some sound ideas, I would love to hear them.
Ok. This makes sense.
> For example, the Java implementation has an abstract Reader class that
> is currently only implemented by a FileReader. We could implement
> other types of readers that, say, derive a key from a password or read
> it from the network. People can also extend their own proprietary
> readers outside the package.
Ok. Got it.
What would you suggest as a first step to start the Javascript version
of the project?
As soon as I have some more spare time, I will try to arrange the
code in the Javascript subdirectory to match as closely as possible the
other versions.
If anybody else is willing to start sooner, I will be pleased to
provide some insight on the Clipperz code base.
Best regards,
Giulio Cesare