On Thu, Jan 29, 2015 at 9:18 AM, Niels Möller nisse@lysator.liu.se wrote:
Chacha with poly (not in the list above) however is more important to me to implement the final draft (on the current state the algorithm is fixed, only typos and other non-essential parts can be changed) https://tools.ietf.org/html/draft-irtf-cfrg-chacha20-poly1305-08
Thanks for the reminder. I agree that makes a lot of sense for 3.1. You have done some work to update of Nettle's implementation, but I don't remember the status?
I don't think I have anything. I remember I had an initial patch for the issues in https://www.mail-archive.com/nettle-bugs@lists.lysator.liu.se/msg01109.html but didn't pass the test vectors. I can't find it patch though.
It would be nice if the interface makes it possible to implement the other variants, like what's used in openssh, and nacl (or maybe nacl is using salsa20 rather than chacha?)?
Is it final then that openssh will not use the updated draft?
regards, Nikos