Looking for volunteers

[Bram Moolenaar]

Some parts of Vim need some more attention than they are currently
getting. Some are long-term feature requests that I think should be
implemented, some are unmaintained plugins.

One of the things that comes up now and then is that the strongest
encryption that Vim supports isn't very strong. Some argue that with a
powerful computer (or data center) it could be cracked. I have not ever
seen proof of that, but there are better algorithms available. You can
use an external crypt somehow, but there are doubts whether this is
safe. And it won't work for the swap or undo file.

This requires finding a portable implementation that is "state of the
art" and has a compatible license. The implementation must make sure
that the encryption is not weakened by how the algorithm is used.

Anyone interested?

--
You got to work at a mill? Lucky! I got sent back to work in the
acid-mines for my daily crust of stale bread... which not even the
birds would eat.

/// Bram Moolenaar -- Br...@Moolenaar.net -- http://www.Moolenaar.net \\\
/// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
\\\ an exciting new programming language -- http://www.Zimbu.org ///
\\\ help me help AIDS victims -- http://ICCF-Holland.org ///

[Gregory Seidman]

On Wed, Jul 03, 2019 at 11:43:52PM +0200, Bram Moolenaar wrote:
[...]

> This requires finding a portable implementation that is "state of the
> art" and has a compatible license. The implementation must make sure
> that the encryption is not weakened by how the algorithm is used.

Doing modern passphrase-based encryption in a secure way is pretty easy. A
simple and secure approach is to use the AES-256-CBC cipher on the actual
data, using the SHA256 hash of the passphrase as the encryption key and the
MD5 hash of the passphrase as the initialization vector (IV).

Another option is to generate a random key and IV then encrypt that with
3DES and place it as a header on the ciphertext. People with a deeper
understanding of math can chime in with analysis of the relative randomness
and security of a SHA256 hash of a passphrase vs. the randomness of a
locally generated key and security of 3DES. Either way, the user sees it as
a passphrase being used to encrypt and decrypt.

As for compatible licenses, GnuTLS is LGPL and supports all three (SHA256,
MD5, and AES-256-CBC). OpenSSL 3.0.0 and later is Apache v2 and supports
all three. LibreSSL is under the same dual license as OpenSSL pre-3.0.0,
both of which are BSD-like licenses (probably compatible?), and supports
all three. Another one I don't know as well, but implements SSL/TLS so
(almost) certainly implements both hashes and the cipher, is mbedTLS
(Apache 2.0 or GPLv2).

I'm not sure what the criteria are for "portable", but I believe all of
those build on (and may even be provided by) every platform Vim supports.

--Greg
P.S. I'm not volunteering to do the development. My plate is full.

> Anyone interested?
>
> --
> You got to work at a mill? Lucky! I got sent back to work in the
> acid-mines for my daily crust of stale bread... which not even the
> birds would eat.
>
> /// Bram Moolenaar -- Br...@Moolenaar.net -- http://www.Moolenaar.net \\\
> /// sponsor Vim, vote for features -- http://www.Vim.org/sponsor/ \\\
> \\\ an exciting new programming language -- http://www.Zimbu.org ///
> \\\ help me help AIDS victims -- http://ICCF-Holland.org ///
>

> --
> --
> You received this message from the "vim_dev" maillist.
> Do not top-post! Type your reply below the text you are replying to.
> For more information, visit http://www.vim.org/maillist.php
>
> ---
> You received this message because you are subscribed to the Google Groups "vim_dev" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to vim_dev+u...@googlegroups.com.
> To view this discussion on the web visit https://groups.google.com/d/msgid/vim_dev/201907032143.x63Lhqa9001188%40masaka.moolenaar.net.
> For more options, visit https://groups.google.com/d/optout.
>

[Christian Brabandt]

On Mi, 03 Jul 2019, Bram Moolenaar wrote:

>
> Some parts of Vim need some more attention than they are currently
> getting. Some are long-term feature requests that I think should be
> implemented, some are unmaintained plugins.
>
> One of the things that comes up now and then is that the strongest
> encryption that Vim supports isn't very strong. Some argue that with a
> powerful computer (or data center) it could be cracked. I have not ever
> seen proof of that, but there are better algorithms available. You can
> use an external crypt somehow, but there are doubts whether this is
> safe. And it won't work for the swap or undo file.
>
> This requires finding a portable implementation that is "state of the
> art" and has a compatible license. The implementation must make sure
> that the encryption is not weakened by how the algorithm is used.

Some more information about the current problems are here:
https://github.com/vim/vim/issues/639
https://github.com/vim/vim/issues/638

If I remember correctly, libsodium https://github.com/jedisct1/libsodium
has been suggested for providing the encryption solution. This would be
a good way to have a library handle the encryption part securely instead
of trying to solve and implement it ourselves.

Unfortunately, I have not the time to take a look at it myself. I have
been more and more busy with my day job and my family and in my spare
time, I barely find enough time to handle issues here and maintain the
various plugins. I already have quite a bit of issues to look at but
hardly find time for it, sorry.

Best,
Christian