On 2020-01-26 16:01, Mark Rotteveel wrote:
The RFC-8439 specification of ChaCha20 defines only a 256 bit key, but
the way the Srp authentication protocol in Firebird works, will
generate a 160 bit key. Looking through the implementation in
Firebird, this will result in using a 128 bit key (the first 128 bits
of the key).
However, as RFC-8439 specifies a 256 bit key, a lot of implementations
of ChaCha20 only support a 256 bit key. As a result, I think
interoperability will be hard.
In the 128 bit variant, the first bytes of the initialization are (see
[1]):
"expand 16-byte k"
and the key is repeated to get a length of 256 bit, while in the 256
bit variant the first bytes are:
"expand 32-byte k"
Maybe instead the key should be stretched to 256 bit (eg using SHA256)
instead? This would ensure that a 256 bit key is always used, and
allows interoperability with implementations that only support 256 bit
keys.
In addition, this would reduce key length for auth plugins generating
longer keys while not just discarding bits.
In https://tools.ietf.org/html/rfc7539 I see the following:
The ChaCha algorithm described here uses a 256-bit key. The original
algorithm also specified 128-bit keys and 8- and 12-round variants,
but these are out of scope for this document.
I.e. I tend to agree that no matter of the fact that 128-bit is also
absolutely acceptable variant of ChaCha 256-bit key is often treated as
preferred one. Yes, we can stretch 20-byte key in some way and even
avoid discarding bits using sha or some other way (128-bit key is just
self concatenated in ChaCha).
The only place that appears to have not one answer - what to do with
exactly 128-bit key? If people provide that key from non-standard plugin
they may expect using it according to chacha specification. On the other
hand we loose generic approach and have all problems described by you
earlier if we use std 128-bit key for chacha. Currently we do have
128-bit keys, they come from win_sspi.
Firebird-Devel mailing list, web interface at
https://lists.sourceforge.net/lists/listinfo/firebird-devel
