[ipxe-devel] Improving SSL cipher suite?
mcb30 at ipxe.org
Fri Nov 15 21:07:24 UTC 2019
On 13/11/2019 20:05, Santiago Torres-Arias wrote:
> - Move from CBC to GCM -> would require us to implement this new cipher
> block chaining (for which I can propose patches).
> - Move from RSA key derivation to DSA/EDDSA variants for key derivation.
> This would require implementing a new key derivation function. (for
> this one I could also help, but I'd most likely want somebody familiar
> with the codebase to help me navigate what's the best way forward).
> However, the rest of the stack can still safely remain on RSA, and thus
> we wouldn't need to reimplement other parts for the forseeable future.
> As a result, we would be able to support EDDSA-RSA-AES-GCM suites, which
> are probably best practice for a couple of years.
> What does everybody think?
I would suggest implementing and submitting GCM first, since that is
likely to be a small and self-contained piece of work.
CBC in iPXE is implemented as a wrapper layer around an arbitrary
underlying block cipher: GCM should use the same approach.
The CBC implementation is wholly contained in include/ipxe/cbc.h and
crypto/cbc.c. This is then wrapped around raw AES using the
CBC_CIPHER() macro to create aes_cbc_algorithm in crypto/aes.c, and the
resulting AES-xxx-CBC ciphers are then tested for correctness (and
performance) in tests/aes_test.c.
As with the existing crypto code, test coverage will be required, and
should ideally use the published NIST test vectors.
Hope that helps, and thanks in advance!
More information about the ipxe-devel