What am I even switching from?

If you ever read any of my previous posts, you'll know I use NixOS on my personal devices, and servers.

Naturally, on a system, you'll sooner or later need secrets management for configuring services and programs that require authentication, sensitive data, and so on.

NixOS offers many elegant solutions for secrets management, but what I landed on is agenix, which uses age under the hood for {en,de}cryption.

The issue

Age uses X25519 for asymmetric encryption, which is not post-quantum secure. In practice, this means that sufficiently powerful quantum computers in the future could compromise the security of age-encrypted data, rendering it vulnerable to malicious third-parties and HNDL attacks.

My previous solution was to use a private submodule to store my secrets, which has become somewhat of a hassle to manage due to the nature of submodules, especially for workflows involving Radicle for which I haven't quite figured out a solution using private submodules yet.

The solution

Ever since age v13.0.0, it now supports post-quantum encryption based on HPKE using a hybrid scheme that combines X25519 with ML-KEM-768, this effectively means that we can now just lay an age-encrypted file in our repositories without having to worry too much about the security of our secrets in the future.

But how do we migrate our existing secrets to the new format? well, that's what this post is about. First and foremost, I'm assuming that you already have existing secrets and a secrets.nix.

We will need to generate new age keys that support post-quantum encryption, and store them in an easily accesible, but safe, location.

I suggest ~/.config/age for your personal devices, and /etc/age for servers.

mkdir -p /etc/age
cd /etc/age

Then, we'll generate our keys and give them proper permissions; I personally name them after the host they belong to, but it's up to you.

I suggest backing them up to a secure location as well, just in case.

nix-shell -p age --run "age-keygen -pq -o $HOST.key"
chmod 600 "$HOST.key"

Now, we just need to update our secrets.nix (and hosts) to use the new keys, and re-encrypt our existing secrets.

cd my-nixos-config

let
  # note: they're long, consider `builtins.readFile`
  host = "your public key";
in {
  my-secret.publicKeys = [host];
}

{
  age.identityPaths = ["/etc/age/host.key"];
}

cd secrets
agenix -r --identity your-old-identity

And voilà, your secrets are now re-encrypted using post-quantum cryptography!

Give it a test run with nixos-rebuild switch and make sure everything works as expected.

Now, you can rest assured that the quantum thieves won't send you a calling card to ransack your secrets in the future.