Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cryptography tweak wording related to "authenticated encryption", "MAC algorithm" #2495

Closed
randomstuff opened this issue Jan 2, 2025 · 3 comments
Closed

Cryptography tweak wording related to "authenticated encryption", "MAC algorithm" #2495

randomstuff opened this issue Jan 2, 2025 · 3 comments
Assignees
@danielcuthbert
Labels
6) PR awaiting review Bart Preneel Issues raised from a crypto review by Bart Preneel (received via Aram H) V6 _5.0 - prep This needs to be addressed to prepare 5.0

Comments

@randomstuff
Copy link
Contributor

We have received this feedback from Bart Preneel.

Current:

Applications need to be designed with strong cryptographic architecture to protect data assets as per their classification. Encrypting everything is wasteful, not encrypting anything is legally negligent. A balance must be struck, usually during architectural or high-level design, design sprints or architectural spikes. Designing cryptography as you go or retrofitting it will inevitably cost much more to implement securely than simply building it in from the start.

Proposed:

Applications need to be designed with strong cryptographic architecture to protect data assets as per their classification. Applying authenticated encryption to everything is wasteful, not applying authenticated encryption to anything is legally negligent. A balance must be struck, usually during architectural or high-level design, design sprints or architectural spikes. Designing cryptography as you go or retrofitting it will inevitably cost much more to implement securely than simply building it in from the start.

Current:

1.6.5 [ADDED] Verify that cryptographic discovery mechanisms are employed to identify all instances of cryptography in the system, including encryption, hashing, and signing operations.

Proposed:

1.6.5 [ADDED] Verify that cryptographic discovery mechanisms are employed to identify all instances of cryptography in the system, including authenticated encryption, hashing, and signing operations.

Current:

6.2.4 [MODIFIED, MERGED FROM 1.6.3] Verify that the application is designed with crypto agility such that random number, encryption or hashing algorithms, key lengths, rounds, ciphers or modes can be reconfigured, upgraded, or swapped at any time, to protect against cryptographic breaks. Similarly, it must also be possible to replace keys and passwords and re-encrypt data. This should allow for seamless upgrades to post-quantum cryptography (PQC), once PQC standards are fully established.

Proposed:

6.2.4 [MODIFIED, MERGED FROM 1.6.3] Verify that the application is designed with crypto agility such that random number, authenticated encryption, MAC algorithms or hashing algorithms, key lengths, rounds, ciphers or modes can be reconfigured, upgraded, or swapped at any time, to protect against cryptographic breaks. Similarly, it must also be possible to replace keys and passwords and re-encrypt data. This should allow for seamless upgrades to post-quantum cryptography (PQC), once PQC standards are fully established.

Current:

V6.5 Cipher Algorithms

Cipher algorithms such as AES and CHACHA20 form the backbone of modern cryptographic practice.

Proposed:

V6.5 Authenticated Encryption Algorithms

Authenticated encryption algorithms built on AES and CHACHA20 form the backbone of modern cryptographic practice.
@randomstuff
Copy link
Contributor Author

My suggestions and comments:

Applications need to be designed with strong cryptographic architecture to protect data assets as per their classification. Applying authenticated encryption to everything is wasteful, not applying authenticated encryption to anything is legally negligent. A balance must be struck, usually during architectural or high-level design, design sprints or architectural spikes. Designing cryptography as you go or retrofitting it will inevitably cost much more to implement securely than simply building it in from the start.

OK. It feels somewhat weird to explicitly state "authenticated encryption" at this point but I guess it works.

1.6.5 [ADDED] Verify that cryptographic discovery mechanisms are employed to identify all instances of cryptography in the system, including authenticated encryption, hashing, and signing operations.

I would not include "authenticated" here because we want to identify all instances of cryptography, even if they are not authenticated encryption :)

6.2.4 [MODIFIED, MERGED FROM 1.6.3] Verify that the application is designed with crypto agility such that random number, authenticated encryption, MAC algorithms or hashing algorithms, key lengths, rounds, ciphers or modes can be reconfigured, upgraded, or swapped at any time, to protect against cryptographic breaks. Similarly, it must also be possible to replace keys and passwords and re-encrypt data. This should allow for seamless upgrades to post-quantum cryptography (PQC), once PQC standards are fully established.

OK.

V6.5 Authenticated Encryption Algorithms

I would suggest "V6.5 Encryption" instead. The requirements in this section apply everytime you want to use encryption and one of these requirements should be to use authenticated encryption.

Authenticated encryption algorithms built on AES and CHACHA20 form the backbone of modern cryptographic practice.

OK.

@elarlang elarlang added the V6 label Jan 3, 2025
@jmanico
Copy link
Member

jmanico commented Jan 3, 2025

I am extremely grateful that Bart is providing this feedback. Any chance we can get these into 5.0?

CC @danielcuthbert

@tghosth tghosth added 1) Discussion ongoing Issue is opened and assigned but no clear proposal yet _5.0 - prep This needs to be addressed to prepare 5.0 labels Jan 5, 2025
@tghosth
Copy link
Collaborator

tghosth commented Jan 5, 2025
edited
Loading

OK. It feels somewhat weird to explicitly state "authenticated encryption" at this point but I guess it works.

I think it is unnecessary, we are talking conceptually here.

I would not include "authenticated" here because we want to identify all instances of cryptography, even if they are not authenticated encryption :)

Agree

I would suggest "V6.5 Encryption" instead. The requirements in this section apply everytime you want to use encryption and one of these requirements should be to use authenticated encryption.

I propose Encryption at Rest as later on we talk about "In-Use Data Cryptography"

I agree with the other changes.

@tghosth tghosth added the Bart Preneel Issues raised from a crypto review by Bart Preneel (received via Aram H) label Jan 5, 2025
tghosth added a commit that referenced this issue Jan 5, 2025
@tghosth
Some minor wording changes to resolve #2495
562e698
@tghosth tghosth added 6) PR awaiting review and removed 1) Discussion ongoing Issue is opened and assigned but no clear proposal yet labels Jan 5, 2025
@tghosth tghosth mentioned this issue Jan 5, 2025
Merged
@tghosth tghosth closed this as completed in bda11c1 Jan 6, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@danielcuthbert danielcuthbert

Labels
6) PR awaiting review Bart Preneel Issues raised from a crypto review by Bart Preneel (received via Aram H) V6 _5.0 - prep This needs to be addressed to prepare 5.0
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@jmanico @randomstuff @danielcuthbert @tghosth @elarlang