Changelog Master Feed

What's new in Go's cryptography libraries: Part 2 (Go Time #298)

Dec 12, 2023

01:11:38

Snipd AI

Filippo Valsorda, Roland Shoemaker, and Nicola Murino from the Go Team are back to catch us up on what's new in Go's crypto libraries. They discuss transitioning from pre-quantum to post-quantum cryptography, the performance impact of Chateree on common operations, implementing a new extension to the OpenSSH protocol, challenges in the SSH world, their unpopular opinions, and even their cooking abilities and kitchen setups.

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Transitioning to post-quantum cryptography to protect against quantum computer attacks is a priority for Go's cryptography libraries.

Implementing new SSH security features, such as the 'ping' protocol extension, presents challenges in maintaining backward compatibility and addressing algorithm negotiation complexities.

Switching to Chacha8 as the default number generator in Go 1.22 enhances cryptographic safety and prevents potential coding mistakes with math rand.

Deep dives

Moving from pre-quantum to post-quantum cryptography

The podcast episode discusses the need to transition from pre-quantum to post-quantum cryptography as quantum computers could potentially break current cryptographic methods. The episode mentions the NIST competition where various proposals were submitted and a selection process resulted in the choice of key exchange and signature algorithms. The selected algorithms aim to provide security against potential quantum computer attacks. The episode also highlights the challenge of the larger sizes of keys and signatures in post-quantum algorithms, which could impact performance and compatibility.

Introduction

2min

Transitioning from Pre-Quantum to Post-Quantum Cryptography

8min

Performance Impact of Chateree on Common Operations

31min

Implementing a New Extension to the OpenSSH Protocol

17min

Updating Old Hardware and Challenges in the SSH World

3min

Unpopular Opinions

6min

Cooking abilities, kitchen setups, and podcast outro

3min

Filippo Valsorda & Roland Shoemaker from the Go Team return & bring Nicola Murino with them to continue catching us up on what’s new in Go’s crypto libraries.

This is everything we didn’t cover + deep dives from Part 1!

Join the discussion

Changelog++ members save 3 minutes on this episode because they made the ads disappear. Join today!

Sponsors:

Changelog News – A podcast+newsletter combo that’s brief, entertaining & always on-point. Subscribe today.
Fastly – Our bandwidth partner. Fastly powers fast, secure, and scalable digital experiences. Move beyond your content delivery network to their powerful edge cloud platform. Learn more at fastly.com
Fly.io – The home of Changelog.com — Deploy your apps and databases close to your users. In minutes you can run your Ruby, Go, Node, Deno, Python, or Elixir app (and databases!) all over the world. No ops required. Learn more at fly.io/changelog and check out the speedrun in their docs.

Featuring:

Filippo Valsorda – Mastodon, Twitter, GitHub, Website
Roland Shoemaker – Twitter, GitHub, Website
Nicola Murino – GitHub
Natalie Pistunovich – Twitter, GitHub

Show Notes:

What’s new in Go’s cryptography libraries: Part 1
NIST
FIPS
Diffie–Hellman key exchange
FIPS standard 140
github.com/quic-go/quic-go
tip.golang.org/src/crypto/tls/quic.go
pkg.go.dev/crypto/x509
MultiAlgorithmSigner
OpenSSH format keys
Kerberos edge case, use the correct token from the client
defer channel window adjustment
Improved test cases (removed t.Fatal calls from goroutines), added test against SSH CLI
Agent compatibility
github.com/drakkan/sftpgo

Something missing or broken? PRs welcome!

Get the Snipd
podcast app

Unlock the knowledge in podcasts with the podcast player of the future.

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Save any
moment

Hear something you like? Tap your headphones to save it with AI-generated key takeaways

Share
& Export

Send highlights to Twitter, WhatsApp or export them to Notion, Readwise & more

AI-powered
podcast player

Listen to all your favourite podcasts with AI-powered features

Discover
highlights

Listen to the best highlights from the podcasts you love and dive into the full episode

Changelog Master Feed

What's new in Go's cryptography libraries: Part 2 (Go Time #298)

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Moving from pre-quantum to post-quantum cryptography

Improved support for SSH security

Default number generator change in Go 1.22

Quick: The Next Version of HTTP

Improving TLS Certificate Parsing

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights

Changelog Master Feed

What's new in Go's cryptography libraries: Part 2 (Go Time #298)

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Moving from pre-quantum to post-quantum cryptography

Improved support for SSH security

Default number generator change in Go 1.22

Quick: The Next Version of HTTP

Improving TLS Certificate Parsing

Get the Snipdpodcast app

AI-poweredpodcast player

Discoverhighlights

Save anymoment

Share& Export

AI-poweredpodcast player

Discoverhighlights

Get the Snipd
podcast app

AI-powered
podcast player

Discover
highlights

Save any
moment

Share
& Export

AI-powered
podcast player

Discover
highlights