-
Enhancement
-
Resolution: Unresolved
-
P4
-
None
-
8, 11, 15
A DESCRIPTION OF THE PROBLEM :
XChaCha20-Poly1305 is being widely cited as the recommended encryption scheme for AEAD scenarios due to the decreased probability of encountering a birthday collision when using a random nonce. It is ideal to have modern ciphers like XChaCha20-Poly1305 in the JRE itself rather than having them be provided by an external provider such as BouncyCastle or Conscrypt so that libraries authors who wish to add encryption can make use of the cipher without adding a dependency on an external provider.
This cipher is particularly useful for application-layer encryption scenarios.
Ideally, this cipher addition would be backported to 11 and 8 as well, to ensure that even newly written crypto code can work with existing systems. For many operators it is practical to continue running on Java 8 or 11, but crypto improvements need to continue happening.
XChaCha20-Poly1305 is being widely cited as the recommended encryption scheme for AEAD scenarios due to the decreased probability of encountering a birthday collision when using a random nonce. It is ideal to have modern ciphers like XChaCha20-Poly1305 in the JRE itself rather than having them be provided by an external provider such as BouncyCastle or Conscrypt so that libraries authors who wish to add encryption can make use of the cipher without adding a dependency on an external provider.
This cipher is particularly useful for application-layer encryption scenarios.
Ideally, this cipher addition would be backported to 11 and 8 as well, to ensure that even newly written crypto code can work with existing systems. For many operators it is practical to continue running on Java 8 or 11, but crypto improvements need to continue happening.