Newsgroups: php.internals
Date: Sat, 9 Jan 2016 23:23:59 -0500
From: scott@paragonie.com (Scott Arciszewski)
To: PHP Internals
Subject: [RFC] PHP 7.1 - Simple Cryptography Interface

I'd like to make cryptography drop-dead simple in PHP 7.1 and thereafter. The simplest thing to do is to provide a simple front-end API, designed for human usability, that abstracts away the complexities of cryptography engineering.

I've started writing an RFC draft here: https://wiki.php.net/rfc/php71-crypto

These are the rules I'd like everyone to keep in mind when proposing changes to these features:

1. Security is the first priority. It is absolutely unacceptable to add a cryptographic side-channel or render this library vulnerable to any sort of chosen-ciphertext attack. ECB mode is completely off the table.

2. Simple is good. Developers should not need to know what a nonce is, nor should they be given the opportunity to weaken the protocol by providing their own.

Some general guidelines that I feel particularly strongly about but others might contest: For 7.1, we will only allow elliptic curve public key cryptography. In the future, we might expand to include post-quantum cryptography. We must absolutely not support RSA or classic (non-EC) Diffie-Hellman.

This is the overall process I'd like to follow for getting this ready for PHP 7.1.

1. Develop a PHP extension, available in PECL, so developers can implement it in PHP 7.0 projects to test it out. This process starts today. I've set up a GitHub repository at https://github.com/paragonie/php71_crypto for any developers that would like to help.

2. The RFC/voting process. This starts as soon as we have a stable implementation and drivers for both libsodium and openssl ready to go.

3. Formal code review from a third-party team of security experts. (Depending on how successful I am in my business ventures this year, I might be able to cover the cost of this personally. I can't promise anything today, however.)

4. Merge it into the PHP core before 7.1.0 is released.

Everyone is welcome to contribute, even if you're not a cryptography expert. Non-experts are the people I intend to be able to use it, so your feedback will be incredibly valuable.

Together, I believe we can make PHP 7.1 the pinnacle of usable security. :)

Scott Arciszewski
Chief Development Officer
Paragon Initiative Enterprises
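The two rules in the message above (no caller-supplied nonce, no way to reach an unauthenticated mode such as ECB) can be made concrete in a small wrapper. What follows is an added example, not code from the RFC, from the php71_crypto repository or from the author; it is built on PHP's ext/sodium, which became a core extension in PHP 7.2 (after this proposal), and the class name, method names and the one-byte version prefix are illustrative choices, not part of the RFC.

```php
<?php
declare(strict_types=1);

/*
 * Added example (not the RFC's or php71_crypto's code): a misuse-resistant
 * symmetric API in the spirit of the proposal, on top of PHP's ext/sodium.
 *
 *  - The caller never sees or supplies a nonce. It is drawn from the CSPRNG
 *    and carried inside the message.
 *  - The only primitive exposed is an AEAD (XSalsa20-Poly1305 via
 *    crypto_secretbox), so there is no unauthenticated mode, and no ECB,
 *    for a developer to choose by mistake.
 *  - Decryption fails closed with an exception; it never returns partial or
 *    unauthenticated plaintext.
 *
 * strlen()/substr() are used deliberately: they operate on bytes, which is
 * what we need for binary ciphertext.
 */
final class SimpleCrypto
{
    /** One-byte format tag (an assumption of this example) so the wire format can evolve. */
    public const VERSION = "\x01";

    /** Generate a fresh random key; store it outside the web root. */
    public static function generateKey(): string
    {
        return random_bytes(SODIUM_CRYPTO_SECRETBOX_KEYBYTES);
    }

    /** Encrypt and authenticate. Output layout: version || nonce || ciphertext || tag */
    public static function encrypt(string $plaintext, string $key): string
    {
        self::checkKey($key);
        // 192-bit nonce: random generation is safe, no counter state to keep.
        $nonce = random_bytes(SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
        $ciphertext = sodium_crypto_secretbox($plaintext, $nonce, $key);
        return self::VERSION . $nonce . $ciphertext;
    }

    /** Verify and decrypt; throws on a wrong key, truncation or any tampering. */
    public static function decrypt(string $message, string $key): string
    {
        self::checkKey($key);
        $minLen = 1 + SODIUM_CRYPTO_SECRETBOX_NONCEBYTES + SODIUM_CRYPTO_SECRETBOX_MACBYTES;
        if (strlen($message) < $minLen) {
            throw new RuntimeException('Message too short');
        }
        if (!hash_equals(self::VERSION, $message[0])) {
            throw new RuntimeException('Unsupported message version');
        }
        $nonce = substr($message, 1, SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
        $ciphertext = substr($message, 1 + SODIUM_CRYPTO_SECRETBOX_NONCEBYTES);
        $plaintext = sodium_crypto_secretbox_open($ciphertext, $nonce, $key);
        if ($plaintext === false) {
            // Poly1305 tag did not verify. Say nothing more specific than this.
            throw new RuntimeException('Decryption failed');
        }
        return $plaintext;
    }

    private static function checkKey(string $key): void
    {
        if (strlen($key) !== SODIUM_CRYPTO_SECRETBOX_KEYBYTES) {
            throw new InvalidArgumentException(
                'Key must be exactly ' . SODIUM_CRYPTO_SECRETBOX_KEYBYTES . ' bytes'
            );
        }
    }
}

// Usage with a constructed message.
$key = SimpleCrypto::generateKey();
$msg = SimpleCrypto::encrypt('attack at dawn', $key);
echo SimpleCrypto::decrypt($msg, $key) === 'attack at dawn' ? "round trip ok\n" : "BUG\n";

// Two encryptions of the same plaintext never match: no ECB-style equal-block leakage.
echo SimpleCrypto::encrypt('attack at dawn', $key) !== $msg ? "ciphertexts differ\n" : "BUG\n";

// Flipping one ciphertext bit is rejected outright instead of yielding garbage.
$tampered = $msg;
$last = strlen($tampered) - 1;
$tampered[$last] = chr(ord($tampered[$last]) ^ 0x01);
try {
    SimpleCrypto::decrypt($tampered, $key);
    echo "BUG: tampering went undetected\n";
} catch (RuntimeException $e) {
    echo "tampering detected: {$e->getMessage()}\n";
}
sodium_memzero($key);
```

The point of the shape is that the public surface has nothing for a caller to get wrong: the only inputs are plaintext and key, the nonce never leaves the function, and the only way to read a message back is through a call that authenticates it first.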