This page summarizes the current state of the I2P cryptography.

== Currently used ciphers ==

|| '''Cipher''' || '''Used lengths''' || '''Perceived vulnerability''' || '''Comments'''||
|| !ElGamal || 2048 || || ||
|| AES || 256 bit keys, 128 bit blocks, CBC mode || None ||  A good choice due to common support for hardware acceleration ||
|| DSA || 1024 || || ||
|| SHA256 || 256 || || Slow compared to SHA-3 ||

== Cipher usage ==

|| '''Router aspect''' || '''Cipher used''' || '''Security timescale''' ||'''Usage details''' || '''Comments''' ||
|| NTCP handshake || DSA || ???|| || ||
|| SSU handshake || DSA || ??? || || ||
|| !RouterInfo signing || DSA || ??? || || ||
|| [wiki:Crypto/leaseset_signing LeaseSet signing] || DSA || Years || 75% verif.? (guesstimation) || ||
|| !LeaseSet revocation (unused) || DSA || ??? || || ||
|| I2CP Session Config signing || DSA || ??? || || ||
|| Datagram signing || DSA || ??? || || ||
|| Streaming message signing || DSA || ??? || || ||
|| SUD signing || DSA || Years and years || 99% verif. || ||

== Potential new ciphers ==

=== Asymmetric ciphers ===
|| '''Cipher''' || '''Suggested length''' || '''Speed''' || '''Security''' || '''Implementability''' || '''Comments'''  ||
|| [wiki:Crypto/ecdsa EC-DSA] || 256 || Sign.: 	2.14ms/op w/ precomp. (2.88ms(op w/o precomp)[[BR]]Verif.: 3.58ms/op w/ precomp. (8.53ms/op w/o precomp) || Already used in I2PBote (via bouncycastle?) || || [1] ||
|| RSA || 2048 || Sign.: 6.05ms/op[[BR]]Verif.: 0.16ms/op. incl. || Reasonable? || || [1] ||
|| DSA || 1024 || Sign.: 0.42ms/op w/ precomp (0.45ms/op w/o precomp)[[BR]]Verif.: 0.67ms/op w/ precomp. (0.52ms/op w/o precomp)|| Reasonable? || || [1] ||

[1] http://www.cryptopp.com/benchmarks.html

=== Symmetric ciphers ===
|| '''Cipher''' || '''Suggested length''' || '''Speed''' || '''Security''' || '''Implementability''' || '''Comments'''  ||
|| Twofish || 256 Bits|| || 256-Bit twofish is faster than 256-bit Rijndael on the same hardware ||


=== Hashes ===
|| '''Cipher''' || '''Implementability''' || '''Comments''' ||
|| SHA3(Keccak) || || Faster than the SHA-2 family ||
|| RIPEMD-320 || || ||

=== HMAC (hash-based message authentication code) ===
|| '''Cipher''' || '''Implementability''' || '''Comments'''
|| HMAC_SHA256? || || ||