Skip to content

stsch9/go-secwkr

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

go-secwkr (simple encryption cli with key rotation)

Do not use in production. It is only a PoC.
This is a simple encryption cli. It is possible to rotate your key pair. An efficient update procedure renews the encrypted data so that this data can only be decrypted with the new key pair. The update can be done by an untrusted third party. A analogous procedure is used in Updatable Oblivious Key Management for Storage Systems.

How it works

Key Generation

A random ristretto255 key pair (a, A) is generated.

File Encryption

A ephemeral ristretto255 key pair (e, E) is generated for each file. The recipient's public key B is used to calculate a shared key, where (b, B) is the recipient's key pair:

shared_key = e B

This shared_key is used to calculte the file_key:

file_key = HKDF(secret=shared_key, salt=nonce, info="filekey")

where nonce = Random(32) and sha256 is used as hash function.

Finally, the file is encrypted with XChaCha20-Poly1305 and the file_key:

encrypted_file = XChaCha20-Poly1305(nonce=Random(24), plaintext=file, additionalData="")

The two random numbers are stored in the encrypted file. The ephemeral public key is stored in an extra file, since it changes with key rotation.
To be honest, ChaCha20-Poly1305 with a fixed nonce would probably suffice, since a random nonce has already been used to create the file_key(see age Spec).

File Decryption

The receiver uses the private key b and the ephemeral public key E to calculate the shared_key.

shared_key = b E = e B

With this shared_key and the two nonces, the recipient can decrypt the file.

Key Rotation

A new random ristretto255 key pair (b_1, B_1) is generated. In addition, a so-called factor file is created, which contains the scalar product of b and the multiplicative inverse of b_1:

factor = b (b_1)^-1

Rekey

The ephemeral public key of all files is multiplied by the factor generated during key rotation:

E_1 = factor E

This allows the recipient to decrypt the files with his new private key b_1, since the recipient receives the same shared_key as the sender:

b_1 E_1 = b_1 factor E = b_1 (b (b_1)^-1) E = b E = e B = shared_key

Since neither the new private key b_1 nor the old private key bcan be calculated from the factor, the rekey operation can be executed by an untrusted third party.

Usage

Usage:
    	secwkr keygen
	secwkr [-s KEYFILE_PATH] keyrotate
	secwkr [-f FACTOR_FILE_PATH] rekey ENCAP_FILE_PATH
	secwkr [-r RECIPIENT_FILE] encrypt INPUT_FILE OUTPUT_FILE
	secwkr [-s KEYFILE_PATH] [-e ENCAP_FILE_PATH] decrypt INPUT_FILE OUTPUT_FILE
	
Options:
	-s PATH		Path to Secret Key File. Default: secretkey
	-f PATH		Path to factor File. Default: factor
	-r PATH		Path to Recipient File. Default: recipient
	-e PATH		Path to Encapsulation File. Default: <INPUT_File>.encap

Example

Key Generation

go run main.go keygen

Generates a ristretto255 keypair and writes the secret key into the file secretkey and the public key into the file publickey.

File Encryption

cp publickey recipient
go run main.go encrypt test test.enc

Encrypts the file test and writes the ciphertext to the file test.enc. In addition, the file test.enc.encap is created, which contains the ephemeral public key (encapsulation).

Key Rotation

go run main.go keyrotate

Generates a new ristretto255 key pair and writes them into the files secretkey and publickey again. In addition, a factor file is created in the directory in which the secretkey file is located. This file is necessary for the rekey function.

Rekey encrypted Files

go run main.go rekey test.enc.encap

The ephemeral public key of the encrypted file is changed so that it can be decrypted with the new secret key. More precise:

factor * ephemeral PK = (newSK)^-1 (oldSK) * ephemeral PK

File Decryption

go run main.go decrypt test.enc test.dec

Decrypts the file test.enc and writes the plaintext to text.dec.

Releases

No releases published

Packages

No packages published

Languages