Re: ChaCha20/Poly1305 in OpenSSL?

[Jeffrey Walton]

>> But I have not been able to find its trail:
>>
>> $ cd openssl-git
>> $ git pull
>> Already up-to-date.
>> $ grep -R -i chacha *
>> $ grep -R -i poly1305 *
>> $
>>
>> Where are the new cipher suites located in OpenSSL?
>
> $ git checkout 1.0.2-aead
>
> They are there... Just not merged into mainline. I would be also
> interested in knowing whether there is any ETA for that.

I just checked the dev branch again, and I did not see them.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org

[Matt Caswell]

On 07/10/14 18:07, Jeffrey Walton wrote:
>>> But I have not been able to find its trail:
>>>
>>> $ cd openssl-git
>>> $ git pull
>>> Already up-to-date.
>>> $ grep -R -i chacha *
>>> $ grep -R -i poly1305 *
>>> $
>>>
>>> Where are the new cipher suites located in OpenSSL?
>>
>> $ git checkout 1.0.2-aead
>>
>> They are there... Just not merged into mainline. I would be also
>> interested in knowing whether there is any ETA for that.
>
> I just checked the dev branch again, and I did not see them.

The particular branch in question is not current:
http://marc.info/?l=openssl-dev&m=140189910129029&w=2

The spec still appears to be moving. I note the date on this is only 6
weeks old:
https://datatracker.ietf.org/doc/draft-irtf-cfrg-chacha20-poly1305

Matt

[Salz, Rich]

> The spec still appears to be moving. I note the date on this is only 6 weeks
> old:
> https://datatracker.ietf.org/doc/draft-irtf-cfrg-chacha20-poly1305

The spec is done. That was a minor update, as I recall. But it's in last call state right now. My money's on quick adoption as soon as the various IETF timers run out.

/r$
--
Principal Security Engineer, Akamai Technologies
IM: rs...@jabber.me Twitter: RichSalz

[Jeffrey Walton]

On Tue, Oct 7, 2014 at 12:42 PM, Matt Caswell <ma...@openssl.org> wrote:
>
>
> On 07/10/14 18:07, Jeffrey Walton wrote:
>>>> But I have not been able to find its trail:
>>>>
>>>> $ cd openssl-git
>>>> $ git pull
>>>> Already up-to-date.
>>>> $ grep -R -i chacha *
>>>> $ grep -R -i poly1305 *
>>>> $
>>>>
>>>> Where are the new cipher suites located in OpenSSL?
>>>
>>> $ git checkout 1.0.2-aead
>>>
>>> They are there... Just not merged into mainline. I would be also
>>> interested in knowing whether there is any ETA for that.
>>
>> I just checked the dev branch again, and I did not see them.
>
> The particular branch in question is not current:
> http://marc.info/?l=openssl-dev&m=140189910129029&w=2
>

Sorry to dig up an old thread...

I've been using 1.0.2 lately, and the cipher suites are not available
(or do not appear to be available):

$ /usr/local/ssl/darwin/bin/openssl ciphers | grep -i chacha
$ /usr/local/ssl/darwin/bin/openssl ciphers | grep -i poly
$ /usr/local/ssl/darwin/bin/openssl version
OpenSSL 1.0.2a 19 Mar 2015

Any ideas when these will make it into OpenSSL?
_______________________________________________
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[Salz, Rich]

It's unlikely to appear in 1.0.2 as it's a new feature.

CloudFlare has posted patches that seem like they would drop in easily, for folks that want to do it; see https://blog.cloudflare.com/do-the-chacha-better-mobile-performance-with-cryptography/

--
Senior Architect, Akamai Technologies
IM: rs...@jabber.me Twitter: RichSalz

[Pavel Punsky]

Following github repo has 1.0.2a with chacha20poly1305 patch from CloudFlare applied to it:
https://github.com/eakraly/openssl

And this one has chacha20poly1305 implementation from different source (1.0.2-aead branch in openssl)
https://github.com/PeterMosmans/openssl

Pavel Punsky

[Jeffrey Walton]

On Mon, Mar 23, 2015 at 10:36 AM, Salz, Rich <rs...@akamai.com> wrote:
> It's unlikely to appear in 1.0.2 as it's a new feature.
>
> CloudFlare has posted patches that seem like they would drop in easily, for folks that want to do it; see https://blog.cloudflare.com/do-the-chacha-better-mobile-performance-with-cryptography/
>

Thanks Rich.

I see Adam Langley's patch here:
https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9a8646510b

Any ideas why it was not accepted or not merged? (I'm assuming it was
not merged because it was rejected for some reason).

Jeff

[Salz, Rich]

> I see Adam Langley's patch here:
> https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9a8646510b
>
> Any ideas why it was not accepted or not merged? (I'm assuming it was not
> merged because it was rejected for some reason).

I thought his patch came before the IETF final doc, which changed some things.

[Jeffrey Walton]

On Wed, Mar 25, 2015 at 12:36 PM, Salz, Rich <rs...@akamai.com> wrote:
>> I see Adam Langley's patch here:
>> https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9a8646510b
>>
>> Any ideas why it was not accepted or not merged? (I'm assuming it was not
>> merged because it was rejected for some reason).
>
> I thought his patch came before the IETF final doc, which changed some things.
>

It appears we are also waiting on the cipher suite values. See "Cipher
suite values for ChaCha20/Poly1305?",
http://www.ietf.org/mail-archive/web/tls/current/msg15719.html.