[zeromq-dev] CurveZMQ data encryption

Michal Rajčan rajcanius at gmail.com
Wed Aug 26 11:39:41 CEST 2015


Pieter Hintjens <ph <at> imatix.com> writes:

> 
> Read curvezmq.org for the security protocol.
> 
> On Thu, Aug 20, 2015 at 2:16 PM, Doron Somech <somdoron <at> gmail.com> wrote:
> > Symmetric encryption is used eventually, read http://nacl.cr.yp.to/ and
> > http://curvecp.org/
> >
> > Hi,
> >
> >
> >
> > How does data encryption using CurveZMQ work?
> >
> > I understand that during handshake client and server exchange short-term
> > keys- are these keys used to encrypt data in communication channel?
> >
> > Isn’t it ineffective, as it’s asymmetric cryptography (which is slower than
> > symmetric) used for encryption of, let’s say, big amount of data?
> >
> >
> >
> > Thanks,
> >
> >
> > Michal
> >
> >
> > _______________________________________________
> > zeromq-dev mailing list
> > zeromq-dev <at> lists.zeromq.org
> > http://lists.zeromq.org/mailman/listinfo/zeromq-dev
> >
> >
> > _______________________________________________
> > zeromq-dev mailing list
> > zeromq-dev <at> lists.zeromq.org
> > http://lists.zeromq.org/mailman/listinfo/zeromq-dev
> >
> _______________________________________________
> zeromq-dev mailing list
> zeromq-dev <at> lists.zeromq.org
> http://lists.zeromq.org/mailman/listinfo/zeromq-dev
> 


I'm rather confused, as it is mentioned in CurveZMQ documentation that

"Data is encrypted with the public key (and other information) and decrypted
with the secret key."

That is the asymmetric encryption of data "problem", isn't it? Or am I
missing something?

Even the CurveCP states in Connection overview chapter at
http://curvecp.org/packets.html that cryptographic box encrypts message with
Server's and Client's short-term public key.

From link about libsodium provided by Doron one can clearly see, that
libsodium supports secret-key cryptography (AES), but I can't see the
application of such mechanism in ZMQ.

Michal


More information about the zeromq-dev mailing list