Comments (5)
Look at the documentation for the N
variant. Or, if both parties already know their peer's public key, look at the KK
variant. It should be pretty self-explanatory.
The KK
variant requires an extra packet, but you get forward secrecy (each session will use a different shared key).
libhydrogen compiles fine to webassembly, and supports WASI. But there are no clean Javascript bindings yet.
from libhydrogen.
Hi,
Of course it supports public key encryption. box
is a legacy API, and even in libsodium I can't think of any compelling reason to keep using it.
Look at the Key Exchange section. These functions can create key pairs, and use them to compute a shared secret. Once you have that shared secret, use it withsecretbox
.
The closest construction to box
(no forward secrecy, no authentication) would be the N
variant without a pre-shared key + secretbox
. The noise N
variant without a pre-shared key is equivalent to libsodium's crypto_kx
.
from libhydrogen.
ah ok, cool. So, constructing that reminds of the process for using AES with RSA.
Is there an example / test somewhere that I could reference as I play around with this?
Also, does there exist WASM bindings? ;)
from libhydrogen.
Of course it supports public key encryption. box is a legacy API, and even in libsodium I can't think of any compelling reason to keep using it.
Hi, I hope it's okay if I ask here: Are you referring to crypto_box_*
in libsodium? Why is it legacy?
from libhydrogen.
From a educational POV it would be grate to explain why box is legacy in the libsodium documentation.
I'm not an expert in this field at all but as far as I understand:
-
NaCL
crypto_box_*
has some suboptimal design choices I'm not sure if @jedisct1 was referring to this -
libsodiums
crypto_box
with_easy
and_detached
has "replaced" NaCLcrypto_box_*
-
crypto_box
with_easy
/_detached
still has a bit of sub-optimal API wrt.:- it doesn't use any context (i.e. neither a key derivation with context nor associated data)
- it doesn't allow specifying a pre-shared key in the key exchange
- it doesn't come with forward security
So by now it's not that rare to explicitly do a key exchange + a AEAD chipher for encryption passing some AD. Or to use a key exchange followed by using HKDF for generating subkeys with a specific context.
from libhydrogen.
Related Issues (20)
- API Thoughts HOT 1
- hydro_random_init() get called twice HOT 1
- Sealed boxes support! HOT 2
- Linking issue on Android HOT 5
- Init RNG seeding seemingly very predictable on Arduino Uno HOT 11
- Flipping bit in secret key doesn't change results? HOT 1
- Problems compiling with clang 13 on windows HOT 2
- Secret key encryption without authentication HOT 2
- GCC 11 warnings read/accessing out of regions HOT 4
- What does hydro_hash_hash return, and under what conditions? HOT 3
- How to send a message using KK_variant Key exchange? HOT 6
- Leaked public keys of KK_variant? HOT 3
- Do KK_variant's Three functions perform the signing and public key encryption?
- Libhydrogen API hydro_kx_kk_2 getting failed in AIX HOT 2
- Error C4146 in Windows HOT 2
- Add Noise X and IK patterns
- using secretbox where the full payload isnt available/cant fit in memory?
- Is there a way to do signcryption with this library? HOT 7
- Additional Data HOT 1
- Is the text in the footer of all the Wiki pages intentional or vandalism? HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from libhydrogen.