Cryptography

Encryption in Algebraic

There are two distinct steps when Algebraic encrypts a file.

In the first step, namely password hashing, Algebraic derives an encryption key from a user-supplied password. In the second step, namely data encryption, Algebraic encrypts file data and file metadata using the derived encryption key.

Password Hashing

The password hashing step computes an encryption key from a user-supplied password.

[Figure: Algebraic password dialog on macOS]

Password hashing is deliberately computationally expensive. An adversary who tries to guess the encryption password by brute force (i.e. trying every possible password) must pay that cost for every single guess, which makes the attack practically infeasible.

Algebraic uses the Argon2id password hash from the Argon2 family. Argon2id is a hybrid: part of its memory access pattern is password-independent, which resists side-channel attacks, and the rest is password-dependent, which resists cracking attacks.

Argon2 was the winner of the most recent Password Hashing Competition, which ran from 2013 to 2015.

The latest versions of Algebraic use the following Argon2id parameters.

Argon2id parameter      Value
Memory                  4 gibibytes (4 GiB)
Parallelism             Number of logical CPUs
Time (or iterations)    1
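The parameters above are only useful if every stored hash actually carries them. The following is an added example, not Algebraic's code: it parses an Argon2 hash in the PHC string format ($argon2id$v=19$m=...,t=...,p=...$salt$hash), checks the parameters against the policy in the table, and shows why the 4 GiB memory cost bounds an attacker's guessing rate. The PHC format, the 16-byte minimum salt, and the sample strings are assumptions for illustration; the page does not say how Algebraic itself stores the parameters.

```python
"""Argon2id parameter policy check.  Added illustration, not Algebraic's
code.  Assumes the hash travels in the PHC string format; Algebraic's
real header layout is described in its file format specification."""
import base64
import re

# Policy taken from the parameter table above.  Argon2's m is in KiB,
# so 4 GiB is 4 * 1024 * 1024 KiB.  The salt minimum is an assumption
# (RFC 9106 recommends 16 bytes), not something the page states.
POLICY = {
    "variant": "argon2id",
    "min_memory_kib": 4 * 1024 * 1024,
    "min_time_cost": 1,
    "min_parallelism": 1,
    "min_salt_bytes": 16,
}

_PHC = re.compile(
    r"^\$(?P<variant>argon2(?:id|i|d))\$v=(?P<version>\d+)"
    r"\$m=(?P<m>\d+),t=(?P<t>\d+),p=(?P<p>\d+)"
    r"\$(?P<salt>[A-Za-z0-9+/]+)\$(?P<tag>[A-Za-z0-9+/]+)$"
)

# Constructed sample strings (salt is base64 of b"constructedsalt!", the
# tag is a 32-byte placeholder).  GOOD matches the table; WEAK uses the
# pure Argon2i mode with a 64 MiB memory cost.
GOOD_PHC = "$argon2id$v=19$m=4194304,t=1,p=8$Y29uc3RydWN0ZWRzYWx0IQ$" + "A" * 43
WEAK_PHC = "$argon2i$v=19$m=65536,t=3,p=4$Y29uc3RydWN0ZWRzYWx0IQ$" + "A" * 43


def _b64(s: str) -> bytes:
    """PHC strings omit base64 padding; restore it before decoding."""
    return base64.b64decode(s + "=" * (-len(s) % 4))


def parse_argon2_phc(encoded: str) -> dict:
    """Split a PHC-format Argon2 string into its parameters and fields."""
    m = _PHC.match(encoded)
    if m is None:
        raise ValueError("not a PHC-format Argon2 string")
    return {
        "variant": m["variant"],
        "version": int(m["version"]),      # 19 == 0x13, the current Argon2 version
        "memory_kib": int(m["m"]),
        "time_cost": int(m["t"]),
        "parallelism": int(m["p"]),
        "salt": _b64(m["salt"]),
        "tag": _b64(m["tag"]),
    }


def check_policy(params: dict, policy: dict = POLICY) -> list:
    """Return a list of policy violations; an empty list means compliant."""
    problems = []
    if params["variant"] != policy["variant"]:
        problems.append(f"variant {params['variant']} is not {policy['variant']}")
    if params["memory_kib"] < policy["min_memory_kib"]:
        problems.append(f"memory {params['memory_kib']} KiB is below "
                        f"{policy['min_memory_kib']} KiB")
    if params["time_cost"] < policy["min_time_cost"]:
        problems.append(f"time cost {params['time_cost']} is below minimum")
    if params["parallelism"] < policy["min_parallelism"]:
        problems.append(f"parallelism {params['parallelism']} is below minimum")
    if len(params["salt"]) < policy["min_salt_bytes"]:
        problems.append(f"salt is {len(params['salt'])} bytes, below "
                        f"{policy['min_salt_bytes']}")
    return problems


def concurrent_guesses(attacker_ram_gib: int, memory_kib: int) -> int:
    """Upper bound on guesses an attacker can run at once: every guess has
    to fill memory_kib of RAM, so the attack is memory-bound, not CPU-bound."""
    return (attacker_ram_gib * 1024 * 1024) // memory_kib


if __name__ == "__main__":
    for label, s in (("good", GOOD_PHC), ("weak", WEAK_PHC)):
        p = parse_argon2_phc(s)
        print(label, p["variant"], p["memory_kib"], "KiB", check_policy(p) or "OK")
    print("guesses in flight on a 256 GiB machine:", concurrent_guesses(256, 4 * 1024 * 1024))
```

With the table's 4 GiB cost, a machine with 256 GiB of RAM can hold at most 64 guesses in memory at once regardless of how many cores it has, which is the property the paragraph above relies on.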

Data Encryption

Encrypting data with the latest versions of Algebraic guarantees both confidentiality and authenticity of the data.

Confidentiality means that an adversary cannot view the underlying sensitive data without knowing the original encryption password or encryption key. Authenticity means that, if an adversary tampers with an encrypted file, Algebraic will detect that the data has been compromised.

Algebraic uses XChaCha20-Poly1305 for encryption of the metadata header and the file data. The 256-bit encryption key is obtained from the earlier password hashing step.

Section         Encryption            Security                        Key size
File metadata   XChaCha20-Poly1305    Authenticity, confidentiality   256 bit
File data       XChaCha20-Poly1305    Authenticity, confidentiality   256 bit
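XChaCha20-Poly1305 differs from the ChaCha20-Poly1305 of RFC 8439 only in how the key and nonce are set up: a 192-bit nonce is accepted, its first 128 bits are run through HChaCha20 with the key to derive a per-file subkey, and the remaining 64 bits become the low part of an ordinary 96-bit ChaCha20 nonce. The code below is an added example written from that published construction, not Algebraic's code, and it is checked against the HChaCha20 test vector from the IETF CFRG XChaCha20 draft. Algebraic's own header layout and nonce handling are documented in its file format specification, not here.

```python
"""XChaCha20 nonce extension (HChaCha20).  Added illustration written from
the published construction; not Algebraic's code."""
import os
import struct

_MASK32 = 0xFFFFFFFF
_SIGMA = struct.unpack("<4I", b"expand 32-byte k")   # ChaCha constants


def _rotl32(v: int, c: int) -> int:
    return ((v << c) & _MASK32) | (v >> (32 - c))


def _quarter_round(s: list, a: int, b: int, c: int, d: int) -> None:
    s[a] = (s[a] + s[b]) & _MASK32; s[d] = _rotl32(s[d] ^ s[a], 16)
    s[c] = (s[c] + s[d]) & _MASK32; s[b] = _rotl32(s[b] ^ s[c], 12)
    s[a] = (s[a] + s[b]) & _MASK32; s[d] = _rotl32(s[d] ^ s[a], 8)
    s[c] = (s[c] + s[d]) & _MASK32; s[b] = _rotl32(s[b] ^ s[c], 7)


def _twenty_rounds(state: list) -> list:
    """Ten ChaCha double rounds (column round then diagonal round) on a copy."""
    s = list(state)
    for _ in range(10):
        _quarter_round(s, 0, 4, 8, 12)
        _quarter_round(s, 1, 5, 9, 13)
        _quarter_round(s, 2, 6, 10, 14)
        _quarter_round(s, 3, 7, 11, 15)
        _quarter_round(s, 0, 5, 10, 15)
        _quarter_round(s, 1, 6, 11, 12)
        _quarter_round(s, 2, 7, 8, 13)
        _quarter_round(s, 3, 4, 9, 14)
    return s


def hchacha20(key: bytes, nonce16: bytes) -> bytes:
    """HChaCha20: the ChaCha20 rounds with the 16-byte input in the
    counter/nonce words, no feed-forward addition, and only state rows
    0 and 3 (256 bits) returned.  The missing feed-forward is what makes
    this a key derivation step rather than a keystream block."""
    if len(key) != 32 or len(nonce16) != 16:
        raise ValueError("HChaCha20 needs a 32-byte key and a 16-byte input")
    state = (list(_SIGMA)
             + list(struct.unpack("<8I", key))
             + list(struct.unpack("<4I", nonce16)))
    s = _twenty_rounds(state)
    return struct.pack("<8I", *(s[0:4] + s[12:16]))


def xchacha20_derive(key: bytes, nonce24: bytes) -> tuple:
    """Map (256-bit key, 192-bit nonce) to the (subkey, 96-bit nonce) pair
    that is then used with plain ChaCha20-Poly1305 as specified in RFC 8439."""
    if len(key) != 32:
        raise ValueError("XChaCha20 uses a 256-bit key")
    if len(nonce24) != 24:
        raise ValueError("XChaCha20 uses a 192-bit nonce")
    subkey = hchacha20(key, nonce24[:16])
    ietf_nonce = b"\x00\x00\x00\x00" + nonce24[16:]
    return subkey, ietf_nonce


if __name__ == "__main__":
    # Constructed demo: a random key (standing in for the Argon2id output)
    # and a random 24-byte nonce, which the 192-bit size makes safe to pick.
    k = os.urandom(32)
    n = os.urandom(24)
    sk, iv = xchacha20_derive(k, n)
    print("subkey:", sk.hex())
    print("ietf nonce:", iv.hex())
```

The reason a tool like this one reaches for the X variant is the nonce size: with a 96-bit nonce, picking nonces at random risks a repeat after roughly 2^48 messages under the same key, whereas a 192-bit nonce can be drawn randomly per file with no practical collision risk, and the HChaCha20 step also gives each file its own subkey.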

For more details, read Algebraic's file format specification.

Implementations

Algebraic uses the following open source cryptography packages.