anish-m-code / pqcrypt Goto Github PK

currently if incorrect password is entered , no warning is displayed we have to guess it by checking if document was correctly decrypted or not. We must add a mechanism to show password incorrect to improve usability.

Need to create python virtual environment as in install.sh to ensure run.sh works properly.

Currently no message authentication codes or Encrypted authentication is present which makes encryption of confidential documents using this program vulnerable to cyberattacks as the ciphertext can be modified by an Attacker.

we should use venv , as its most appropriate to fix this.

Add support for non-nist algorithms and create separate sections so that users can use it if they need it.

AES-CFB is not popularly used , AES-CTR looks like a better alternative , as far as AEAD is considered AES-OBC and AES-GCM look more promising which is available in cryptography package.

We must review if we are explaining better what PQcrypt is and how it might be useful to people , Also currently Image of pqcrypt tool shown in readme is broken.

Currently, the README is only available in English, limiting the project's reach to a specific audience. The README.md file serves as a project's introduction, providing essential information to developers and potential users. By being exclusively in English, the PQcrypt's README restricts access to those who don't have a strong command of the language, including: Brazilian and other Portuguese-speaking developers: A significant portion of the developer community in Brazil and other Portuguese-speaking countries has an intermediate or basic level of English, making it difficult to understand the technical content of the README. End users Even end users who are not developers may be interested in PQcrypt, but the language barrier can prevent them from exploring the project.

We need to create virtual environment and install required packages in virtual environment , need to modify fedora_install.sh and fedora_run.sh accordingly. we can use build.sh and run.sh as reference.

Refer https://arstechnica.com/information-technology/2022/08/sike-once-a-post-quantum-encryption-contender-is-koed-in-nist-smackdown/

Since PQcrypt is a rolling release software based on liboqs , maybe as soon as we git clone liboqs locally during installation we must run a sha512 hash over the locally cloned repository and use sha512 hash output as build version, this hash should be added in encrypted messages , the receiver should check this build version with his own and discard message if build versions mismatch. This logic has to be done in code, or perhaps if any better mechanism exists we might think over it.

It is a best practice to use KDF like HKDF to derive key directly from shared secret , initially it was considered safe to use shared secret according to discussion below : -

open-quantum-safe/liboqs-python#54

Most KEMs are safe using above approach but for safety side we should implement KDF to derive key as discussed in crypto.stackexchange.com below: -

https://crypto.stackexchange.com/questions/89795/can-a-kem-shared-secret-be-used-directly-as-a-symmetric-key

HKDF can also be used to generate multiple keys from single shared secret which can be helpful in solving issue #5

Currently none of AEAD ciphers in cryptography package support key commitment , but key commitment is a good to have property
refer discussions on https://crypto.stackexchange.com/questions/88716/understanding-the-impact-of-partitioning-oracle-attacks-on-stream-ciphers and https://crypto.stackexchange.com/questions/6075/is-encrypthmac-stronger-than-aead?noredirect=1&lq=1

I strongly believe its worthwhile to implement a key committing AEAD like AES-CTR with HMAC-SHA512 ,its unlikely to suffer major crypto mistakes if coded properly, any future contributors may refer discussion here https://crypto.stackexchange.com/questions/101612/common-pitfalls-to-be-taken-care-of-while-implementing-encrypt-then-hmac-scheme and guidelines here https://github.com/samuel-lucas6/Cryptography-Guidelines to replace AES-GCM used in PQcrypt.