taler
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Taler] crypto breakage


From: Christian Grothoff
Subject: [Taler] crypto breakage
Date: Sat, 07 Dec 2019 14:58:43 +0100
User-agent: Evolution 3.30.5-1.1

Dear all,

In the process of implementing the GNU Name System in Go and
implementing the Taler wallet cryptography in "native" libraries
independent from GNUnet, we discovered a number of non-standard
practices in the GNUnet crypto logic that made compatible
implementations unnecessarily difficult. While none of the issues
raised security concerns, we decided that clean implementations are
crucial and that we should modify the GNUnet C implementation to make
this possible.

At the same time, we also decided that GNS should default to using UTF-
8 instead of IDNA (die legacy DNS, die!), and that we should use the
opportunity to update our proof-of-work function to be less compatible
with ASICs.  The resulting code also implements the GNS standard we are
documenting in LSD0001 as part of our NGI grant from NLnet.

After weeks of preparation, I've decided to 'flip' the switches in the
gnunet.git to the new logic today -- simply to give it a bit of a
bigger whirl in anticipation of the GNUnet 0.12.0 release expected in
mid-December.


Please be aware that Git master is thus henceforth INCOMPATIBLE with
the 0.11.x GNUnet network, and interactions between old and new peers
will result in signature verification failures.  0.11.x peers will NOT
be able to communicate with Git master or 0.12.x peers.  There could be
further last-minute protocol changes, so if you have any that are ready
to go in, this week is your merge window.


For GNU Taler, this also means that the protocol changes, as Taler uses
the EdDSA and RSA cryptography from GNUnet.  New wallets using the new
crypto are to some extend already available or under "Google review".


Happy hacking!

Christian




reply via email to

[Prev in Thread] Current Thread [Next in Thread]