ValarDragon
6 years ago
1 changed files with 79 additions and 0 deletions
Split View
Diff Options
+ 79
- 0
docs/architecture/adr-015-symmetric-crypto.md
View File
| @ -0,0 +1,79 @@ | |||
| # ADR 015: Need for symmetric cryptography | |||
| ## Context | |||
| We require symmetric ciphers to handle how we encrypt keys in the sdk, | |||
| and to potentially encrypt `priv_validator.json` in tendermint. | |||
| Currently we use AEAD's to support symmetric encryption, | |||
| which is great since we want data integrity in addition to privacy and authenticity. | |||
| We don't currently have a scenario where we want to encrypt without data integrity, | |||
| so it is fine to optimize our code to just use AEAD's. | |||
| Currently there is not a way to switch out AEAD's easily, this ADR outlines a way | |||
| to easily swap these out. | |||
| ### How do we encrypt with AEAD's | |||
| AEAD's typically require a nonce in addition to the key. | |||
| For the purposes we require symmetric cryptography for, | |||
| we need encryption to be stateless. | |||
| Because of this we use random nonces. | |||
| (Thus the AEAD must support random nonces) | |||
| We currently construct a random nonce, and encrypt the data with it. | |||
| The returned value is `nonce || encrypted data`. | |||
| The limitation of this is that does not provide a way to identify | |||
| which algorithm was used in encryption. | |||
| Consequently decryption with multiple algoritms is sub-optimal. | |||
| (You have to try them all) | |||
| ## Decision | |||
| We should create the following two methods in a new `crypto/encoding/symmetric` package: | |||
| ```golang | |||
| func EncryptSymmetric(aead cipher.AEAD, plaintext []byte) (ciphertext []byte, err error) | |||
| func DecryptSymmetric(key []byte, ciphertext []byte) (plaintext []byte, err error) | |||
| func RegisterSymmetric(aead cipher.AEAD, algo_name string, NewAead func(key []byte) (cipher.Aead, error)) error | |||
| ``` | |||
| This allows you to specify the algorithm in encryption, but not have to specify | |||
| it in decryption. | |||
| This is intended for ease of use in downstream applications, in addition to people | |||
| looking at the file directly. | |||
| One downside is that for the encrypt function you must have already initialized an AEAD, | |||
| but I don't really see this as an issue. | |||
| If there is no error in encryption, EncryptSymmetric will return `algo_name || nonce || aead_ciphertext`. | |||
| This requires a mapping from aead type to name. | |||
| We can achieve this via reflection. | |||
| ```golang | |||
| func getType(myvar interface{}) string { | |||
| if t := reflect.TypeOf(myvar); t.Kind() == reflect.Ptr { | |||
| return "*" + t.Elem().Name() | |||
| } else { | |||
| return t.Name() | |||
| } | |||
| } | |||
| ``` | |||
| Then we maintain a map from the name returned from `getType(aead)` to `algo_name`. | |||
| In decryption, we read the `algo_name`, and then instantiate a new AEAD with the key. | |||
| Then we call the AEAD's decrypt method on the provided nonce/ciphertext. | |||
| `RegisterSymmetric` allows a downstream user to add their own desired AEAD to the symmetric package. | |||
| ## Status | |||
| Proposed. | |||
| ## Consequences | |||
| ### Positive | |||
| * Allows us to support new AEAD's, in a way that makes decryption easier | |||
| * Allows downstream users to add their own AEAD | |||
| ### Negative | |||
| ### Neutral | |||
| * Caller has to instantiate the AEAD with the private key. | |||
| However it forces them to be aware of what signing algorithm they are using, which is a positive. | |||