KeepassXC has AES 256 and Twofish 256 to choose as an encryption cipher it would be good to add Serpent. Serpent was the algorithm with the highest security margin of the top 3 AES finalists so it would be a good addition for those who want this with KDBX4 format.
Please consider this.
sebast889
All 2 comments
KDBX4 already has ChaCha20. I don't see a great improvement in adding Serpent
TheZ3ro
on 13 Aug 2018
@TheZ3ro I understand where you're coming from but in my opinion it can still be useful to add Serpent. KeepassXC has Twofish already which I see as less robust than Serpent though it is also a good cipher. If Serpent is added it could also allow for cascading AES-Twofish-Serpent which of course is up to you guys if you want to implement it but I'm sure there are users who would like that.
Also personally I'm wary of stream ciphers from what I understand they are not as well understood as block ciphers for data at rest encryption uses and can suffer if the implementation is bad (nonce reuse, no proper authentication etc.). ChaCha20 has only received most of its attention in the last 5 years even if it is older which is less than the other block ciphers. Can you give some information on how it is implemented in KeepassXC, as ChaCha20-Poly1305 or different?
sebast889
on 14 Aug 2018
Related issues
JosephHatfield
路
3Comments
mstarke
路
3Comments
813gan
路
3Comments
amvasilyev
路
3Comments
MountainX
路
3Comments
Most helpful comment
KDBX4 already has ChaCha20. I don't see a great improvement in adding Serpent