==================
Encrypted LeaseSet
==================
.. meta::
    :author: zzz
    :created: 2016-01-11
    :thread: http://zzz.i2p/topics/2047
    :lastupdated: 2016-01-12
    :status: Rejected
    :supercededby: 123

.. contents::


Overview
========

This proposal is about redesigning the mechanism for encrypting LeaseSets.


Motivation
==========

Current encrypted LS is horrendous and insecure. I can say that, I designed and
implemented it.

Reasons:

- AES CBC encrypted
- Single AES key for everybody
- Lease expirations still exposed
- Encryption pubkey still exposed


Design
======

Goals
-----

- Make entire thing opaque
- Keys for each recipient


Strategy
--------

Do like GPG/OpenPGP does. Asymmetrically encrypt a symmetric key for each
recipient. Data is decrypted with that asymmetric key. See e.g. [RFC-4880-S5.1]_
IF we can find an algo that's small and fast.

Trick is finding an asymmetric encryption that's small and fast. ElGamal at 514
bytes is a little painful here. We can do better.

See e.g. http://security.stackexchange.com/questions/824...

This works for small numbers of recipients (or actually, keys; you can still
distribute keys to multiple people if you like).


Specification
=============

- Destination
- Published timestamp
- Expiration
- Flags
- Length of data
- Encrypted data
- Signature

Encrypted data could be prefixed with some enctype specifier, or not.


References
==========

.. [RFC-4880-S5.1]
    https://tools.ietf.org/html/rfc4880#section-5.1