[−][src]Module tox_crypto::secretbox

Secret-key authenticated encryption

Security model

The seal() function is designed to meet the standard notions of privacy and authenticity for a secret-key authenticated-encryption scheme using nonces. For formal definitions see, e.g., Bellare and Namprempre, "Authenticated encryption: relations among notions and analysis of the generic composition paradigm," Lecture Notes in Computer Science 1976 (2000), 531–545, http://www-cse.ucsd.edu/~mihir/papers/oem.html.

Note that the length is not hidden. Note also that it is the caller's responsibility to ensure the uniqueness of nonces—for example, by using nonce 1 for the first message, nonce 2 for the second message, etc. Nonces are long enough that randomly generated nonces have negligible risk of collision.

Selected primitive

seal() is crypto_secretbox_xsalsa20poly1305, a particular combination of Salsa20 and Poly1305 specified in Cryptography in NaCl.

This function is conjectured to meet the standard notions of privacy and authenticity.

Example

use sodiumoxide::crypto::secretbox;
let key = secretbox::gen_key();
let nonce = secretbox::gen_nonce();
let plaintext = b"some data";
let ciphertext = secretbox::seal(plaintext, &nonce, &key);
let their_plaintext = secretbox::open(&ciphertext, &nonce, &key).unwrap();
assert!(plaintext == &their_plaintext[..]);

Modules

xsalsa20poly1305

crypto_secretbox_xsalsa20poly1305, a particular combination of Salsa20 and Poly1305 specified in Cryptography in NaCl.

Structs

Key	`Key` for symmetric authenticated encryption
Nonce	`Nonce` for symmetric authenticated encryption
Tag	Authentication `Tag` for the detached encryption mode

Constants

KEYBYTES	Number of bytes in `Key`.
MACBYTES	Number of bytes in the authenticator tag of an encrypted message i.e. the number of bytes by which the ciphertext is larger than the plaintext.
NONCEBYTES	Number of bytes in a `Nonce`.

Functions

gen_key	`gen_key()` randomly generates a secret key
gen_nonce	`gen_nonce()` randomly generates a nonce
open	`open()` verifies and decrypts a ciphertext `c` using a secret key `k` and a nonce `n`. It returns a plaintext `Ok(m)`. If the ciphertext fails verification, `open()` returns `Err(())`.
open_detached	`open_detached()` verifies and decrypts a ciphertext `c` and and authentication tag `tag`, using a secret key `k` and a nonce `n`. `c` is decrypted in place, so if this function is successful it will contain the plaintext. If the ciphertext fails verification, `open_detached()` returns `Err(())`, and the ciphertext is not modified.
seal	`seal()` encrypts and authenticates a message `m` using a secret key `k` and a nonce `n`. It returns a ciphertext `c`.
seal_detached	`seal_detached()` encrypts and authenticates a message `m` using a secret key `k` and a nonce `n`. `m` is encrypted in place, so after this function returns it will contain the ciphertext. The detached authentication tag is returned by value.