CodeMirror/Picocrypt
1
0
Fork 0
mirror of https://github.com/HACKERALERT/Picocrypt.git synced 2024-05-19 03:32:51 +12:00
Code Issues Projects Releases Wiki Activity

Internals.md: Fix typos and reword a few bits.

Browse source
This commit is contained in:
Samuel Lucas 2021-06-03 15:50:09 +01:00 committed by GitHub
parent 34ca8d46ca
commit 78864a47ae
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

17
Internals.md
View file

@ -1,20 +1,19 @@
# Internals
If you're wondering about how Picocrypt handles cryptography, you've come to the right place! This page will contain the technical details about the cryptographic schemes and formats used.
If you're wondering about how Picocrypt handles cryptography, you've come to the right place! This page contains the technical details about the cryptographic algorithms and file format.
# Core Cryptography
## Encryption
Picocrypt uses these algorithms list of algorithms for encryption:
- XChaCha20 (IETF variant)
- Poly1305
Picocrypt uses the following algorithms for encryption:
- XChaCha20-Poly1305 (IETF variant)
- SHA3
- Argon2id
The first two of them are provided by <a href="https://monocypher.org">Monocypher</a>. Since Monocypher has been audited by Cure53, it's an extremely secure library. To bind Picocrypt (Go) to Monocypher (C), I created a binding called <a href="https://github.com/HACKERALERT/Monocypher-GO">Monocypher-Go</a>, which binds Go to C. For SHA3, Picocrypt uses Go's standard `golang.org/x/crypto/sha3`. For Argon2id, Picocrypt also uses Go's standard `golang.org/x/crypto/argon2`.
The first is provided by <a href="https://monocypher.org">Monocypher</a>, a library that has been <a href="https://monocypher.org/quality-assurance/audit">audited</a> by Cure53. To bind Picocrypt (written in Go) to Monocypher (written in C), I created a binding called <a href="https://github.com/HACKERALERT/Monocypher-GO">Monocypher-Go</a>. For SHA3, Picocrypt uses Go's built-in `golang.org/x/crypto/sha3`. For Argon2id, Picocrypt also uses Go's built-in `golang.org/x/crypto/argon2`.
### Here's how encryption works:
- An master key is generated by passing the user's password through Argon2id. If fast mode is enabled, Picocrypt uses Argon2id with 4 passes, 128 MiB of memory, and 4 threads. If fast mode is not enabled, Picocrypt uses much more resrouces, with 8 passes, 1 GiB of memory, and 8 threads.
- A SHA3-256 hash of the master key is generated and stored. This is used to let a user know if their password is correct. Note that this is a hash of the <i>derived</i> key, so it doesn't provide any vector for bruteforce.
- Encryption starts in 1 MiB chunks (1048576 bytes). For each chunk, a 24-byte nonce is generated through Go's `crypto/rand`. The nonce is appended into a list. The chunk is encrypted with the master key and unique nonce. The Poly1305 obtained after encrypting is appended to the chunk, which is then written to file.
- When all chunks are encrypted, the list of nonces are encrypted using the master key, and the resulting ciphertext and Poly1305 is written to the output. This is done not to protected the nonces themselves, but to add a layer of Poly1305 on top of the nonces to ensure that they can't be reordered.
- A master key is generated by hashing the user's password using Argon2id. If fast mode is enabled, Picocrypt uses Argon2id with 4 passes, 128 MiB of memory, and 4 threads. If fast mode is not enabled, Picocrypt uses 8 passes, 1 GiB of memory, and 8 threads.
- A SHA3-256 hash of the master key is generated and stored. This is used to let the user know if their password is correct. Note that this is a hash of the <i>derived</i> key, so it cannot be bruteforced.
- Encryption occurs in 1 MiB chunks (1048576 bytes). For each chunk, a 24-byte nonce is generated using Go's `crypto/rand`. The nonce is then appended to a list. The chunk is encrypted with the master key and the unique nonce. The Poly1305 tag is obtained after encryption and is appended to the chunk before the chunk is written to file.
- When all the chunks have been encrypted, the list of nonces is encrypted using the master key and written to the file. This is done to prevent the nonces from being reordered.
# This is a work in progress...