49 | | || Tunnel Build Messages [8] || ElG || RI !EncKey || || || || |
50 | | || NetDB Lookups / Stores [8] || ElG/AES+SessionTag || || Years but... || || Only some are encrypted [8] Right now there's no limit on RI key lifetime but we could force a regeneration after a certain amount of time || |
51 | | || End-to-End Encryption [8] || ElG/AES+SessionTag || LS !EncKey || || || || |
52 | | || Transport key exchange [8] || DH || || || || Both NTCP and SSU || |
53 | | || NTCP Transport encryption [8] || AES || DH key || || || || |
54 | | || SSU Transport encryption [8] || AES || DH key || || || With nonstandard HMAC-MD5-128 [8] || |
55 | | || Tunnel encryption hop-by-hop [9] || AES || || || || See [9] for details || |
56 | | || Hashes [8] || SHA-256 || || || || Used as the netdb keys and would be very disruptive to change [8] || |
| 49 | || Tunnel Build Messages [#ref8 [8]] || ElG || RI !EncKey || || || || |
| 50 | || NetDB Lookups / Stores [#ref8 [8]] || ElG/AES+SessionTag || || Years but... || || Only some are encrypted [#ref8 [8]] Right now there's no limit on RI key lifetime but we could force a regeneration after a certain amount of time || |
| 51 | || End-to-End Encryption [#ref8 [8]] || ElG/AES+SessionTag || LS !EncKey || || || || |
| 52 | || Transport key exchange [#ref8 [8]] || DH || || || || Both NTCP and SSU || |
| 53 | || NTCP Transport encryption [#ref8 [8]] || AES || DH key || || || || |
| 54 | || SSU Transport encryption [#ref8 [8]] || AES || DH key || || || With nonstandard HMAC-MD5-128 [#ref8 [8]] || |
| 55 | || Tunnel encryption hop-by-hop [#ref9 [9]] || AES || || || || See [#ref9 [9]] for details || |
| 56 | || Hashes [#ref8 [8]] || SHA-256 || || || || Used as the netdb keys and would be very disruptive to change [#ref8 [8]] || |
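Review bot: the comment cell of the NetDB Lookups / Stores row (line 50) still runs two statements together with nothing between them: "Only some are encrypted [#ref8 [8]] Right now there's no limit on RI key lifetime ...". With the citation now rendered as a link, it reads as if it belongs to the second sentence. Put a period or a [[BR]] after the citation. The same row's "Years but..." cell trails off without saying what the qualification is; spell it out or move it into the comment. On line 54, "nonstandard HMAC-MD5-128" would be more useful with a few words on what is nonstandard about it, so the reader does not have to follow [8] to find out.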
62 | | || '''Cipher''' || '''Suggested length''' || '''Speed [6]''' || '''Security''' || '''Implementability''' || '''Comments''' || |
63 | | || [wiki:Crypto/ecdsa EC-DSA] || 256 || Sign.: 9203/s[[BR]]Verif.: 4658/s || Good [5] || Java7 !BouncyCastle || || |
64 | | || [wiki:Crypto/ecdsa EC-DSA] || 384 || Sign.: 4791/s[[BR]]Verif.: 1085/s || >Good [5]??? || Java7 !BouncyCastle || || |
65 | | || RSA-PKCS!#1 v1.5 || 2048 || Sign.: 770/s[[BR]]Verif.: 25184/s || Poor [5] || || || |
66 | | || RSA-PKCS!#1 v1.5 || 3072 || || Decent [5] || || || |
67 | | || RSA-PKCS!#1 v1.5 || 4096 || Sign.: 108/s[[BR]]Verif.: 6757/s || >Decent [5]??? || || || |
68 | | || RSA-PSS || 2048 || Sign.: 770/s[[BR]]Verif.: 25184/s || Decent [5] || || || |
69 | | || RSA-PSS || 3072 || || Good [5] || || || |
70 | | || RSA-PSS || 4096 || Sign.: 108/s[[BR]]Verif.: 6757/s || >Good [5]??? || || || |
71 | | || DSA || 160/1024 || Sign.: 8176/s[[BR]]Verif.: 7500/s || Poor [5] || || || |
72 | | || DSA || 224/2048[[BR]]256/2048 || Sign.: 2548/s[[BR]]Verif.: 2089/s || >Poor [5]???|| || |
73 | | || DSA || 256/3072 || || Decent [5] || || || |
| 62 | || '''Cipher''' || '''Suggested length''' || '''Speed [#ref6 [6]]''' || '''Security''' || '''Implementability''' || '''Comments''' || |
| 63 | || [wiki:Crypto/ecdsa EC-DSA] || 256 || Sign.: 9203/s[[BR]]Verif.: 4658/s || Good [#ref5 [5]] || Java7 !BouncyCastle || || |
| 64 | || [wiki:Crypto/ecdsa EC-DSA] || 384 || Sign.: 4791/s[[BR]]Verif.: 1085/s || >Good [#ref5 [5]]??? || Java7 !BouncyCastle || || |
| 65 | || RSA-PKCS!#1 v1.5 || 2048 || Sign.: 770/s[[BR]]Verif.: 25184/s || Poor [#ref5 [5]] || || || |
| 66 | || RSA-PKCS!#1 v1.5 || 3072 || || Decent [#ref5 [5]] || || || |
| 67 | || RSA-PKCS!#1 v1.5 || 4096 || Sign.: 108/s[[BR]]Verif.: 6757/s || >Decent [#ref5 [5]]??? || || || |
| 68 | || RSA-PSS || 2048 || Sign.: 770/s[[BR]]Verif.: 25184/s || Decent [#ref5 [5]] || || || |
| 69 | || RSA-PSS || 3072 || || Good [#ref5 [5]] || || || |
| 70 | || RSA-PSS || 4096 || Sign.: 108/s[[BR]]Verif.: 6757/s || >Good [#ref5 [5]]??? || || || |
| 71 | || DSA || 160/1024 || Sign.: 8176/s[[BR]]Verif.: 7500/s || Poor [#ref5 [5]] || || || |
| 72 | || DSA || 224/2048[[BR]]256/2048 || Sign.: 2548/s[[BR]]Verif.: 2089/s || >Poor [#ref5 [5]]???|| || |
| 73 | || DSA || 256/3072 || || Decent [#ref5 [5]] || || || |
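Review bot: the DSA 224/2048 row (line 72) is one cell short of the six-column header. It ends "???|| ||" where the neighbouring rows end "|| || ||", so the row will render misaligned, and this edit carries that over unchanged. Add the missing empty cell and a space before the first "||". Several Security cells also still read ">Good ...???", ">Decent ...???" and ">Poor ...???", each attached to a [5] citation. Linking the citation makes those ratings look sourced when the "???" says they are guesses; either move the citation to the rows that [5] actually rates, or mark the extrapolated ones in the Comments column.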
100 | | [1] http://www.cryptopp.com/benchmarks.html [[BR]] |
101 | | [2] http://tools.ietf.org/html/rfc4492 [[BR]] |
102 | | [3] NIST 2011 http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_part1_rev3_general.pdf [[BR]] |
103 | | [4] http://www.keylength.com/en/compare/ [[BR]] |
104 | | [5] ECRYPT II 2012 http://www.ecrypt.eu.org/ecrypt2/documents/D.SPA.20.pdf [[BR]] |
105 | | [6] [wiki:Crypto/OpenSSLBench OpenSSL Benchmark] [[BR]] |
106 | | [7] http://en.wikipedia.org/wiki/RIPEMD - Citation needed [[BR]] |
107 | | [8] http://www.i2p2.i2p/how_cryptography and see more references there [[BR]] |
108 | | [9] http://www.i2p2.i2p/tunnel-alt.html tunnel encryption [[BR]] |
109 | | [10] http://zzz.i2p/topics/715 DSA replacement [[BR]] |
| 100 | [=#ref1 [1]] http://www.cryptopp.com/benchmarks.html [[BR]] |
| 101 | [=#ref2 [2]] http://tools.ietf.org/html/rfc4492 [[BR]] |
| 102 | [=#ref3 [3]] NIST 2011 http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_part1_rev3_general.pdf [[BR]] |
| 103 | [=#ref4 [4]] http://www.keylength.com/en/compare/ [[BR]] |
| 104 | [=#ref5 [5]] ECRYPT II 2012 http://www.ecrypt.eu.org/ecrypt2/documents/D.SPA.20.pdf [[BR]] |
| 105 | [=#ref6 [6]] [wiki:Crypto/OpenSSLBench OpenSSL Benchmark] [[BR]] |
| 106 | [=#ref7 [7]] http://en.wikipedia.org/wiki/RIPEMD - Citation needed [[BR]] |
| 107 | [=#ref8 [8]] https://geti2p.net/spec/cryptography and see more references there [[BR]] |
| 108 | [=#ref9 [9]] https://geti2p.net/en/docs/tunnels/implementation tunnel encryption [[BR]] |
| 109 | [=#ref10 [10]] http://zzz.i2p/topics/715 DSA replacement [[BR]] |
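Review bot: references [8] and [9] move from www.i2p2.i2p to https://geti2p.net, but [10] on line 109 keeps its http://zzz.i2p/topics/715 address, which resolves only from inside I2P. Either add a clearnet equivalent or note next to the link that it is an in-network address, so the list is consistent about what an outside reader can open. Line 106 still carries "Citation needed" on a Wikipedia link for [7]; since every entry is getting an anchor in this pass, this is a good point to replace it with a primary source or drop the entry if nothing cites it.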