Version 23 (modified by DISABLED, 7 years ago) (diff)

This page summarizes the current state of the I2P cryptography.

Currently used ciphers

Cipher Used lengths Perceived vulnerability
ElGamal 2048
AES 256 bit keys, 128 bit blocks, CBC mode
DSA 1024
SHA256 256

Cipher usage

Router aspect Cipher used Security timescale Usage details Comments
NTCP handshake DSA ???
SSU handshake DSA ???
RouterInfo signing DSA ???
LeaseSet signing? DSA Years
LeaseSet revocation (unused) DSA ???
I2CP Session Config signing DSA ???
Datagram signing DSA ???
Streaming message signing DSA ???
SUD signing DSA Years and years

Potential new ciphers

Asymmetric ciphers

Cipher Suggested lengths Implementability Comments
EC-DSA Supported in Java7 Already used in I2PBote (via bouncycastle?)
RSA Probably not a good security/performance tradeoff.

Symmetric ciphers

Cipher Suggested lengths Implementability Comments
AES A good choice due to broad hardware support


Cipher Implementability Comments

HMAC (hash-based message authentication code)

Cipher Implementability Comments