Collaborate Disseminate
We want to wrap / encapsulate
a symmetric key with an asymmetric keypair,
a symmetric key with a symmetric key,
a private key with a symmetric key.
In each case, we’d like to allow several keys to be wrapped / encapsulated with the same … Continue reading How to use (py)NaCl/libsodium for key wrap, key encapsulation
Which Cryptographic Message Standards are recommended to ensure cryptographic agility in the future and good adapotion trough different programming languages (.NET and Go)?
(PublicKey with authenticated symetric encryption)
I doesn’t want … Continue reading Whch Cryptographic Standard ensures cryptographic agility and good adapotion
I’m writing an application that needs to deterministically encrypt some data (where two equal ciphertexts will produce two equal plaintexts; this is acceptable and in fact desirable for this application), and I’d like to stay as far away f… Continue reading Can I HMAC my plaintext for use as a NACL SecretBox nonce?
I choose a random ed25519 secret key sk_enc and calculate the multiplicative inverse sk_inv_enc of integer sk_env modulo L. Then i compute the scalar product of a standard group element and the integer sk_enc * sk_inv_enc on the edwards255… Continue reading Test the multiplicative inverse of a ed25519 secret key in pynacl
What is the difference between NaCl encryption and Signal protocol? What are the similarities? Are there any problems with NaCl that the Signal protocol has solved?
Continue reading NaCl encryption vs Signal protocol? [closed]
I am working on an end-to-end encrypted messaging application as an educational activity with some of my extra time. I have chosen to use libsodium for the underlying crypto. I have run into a hang-up with how to properly implement replay … Continue reading Replay Safe Mutual Authentication (libsodium)
We have a web server behind an AWS Load Balancer. We’d like to block any host from accessing our web server if they are connecting from a Consumer VPN style network. We’ll also be doing some geo-location blocking too which we can do with A… Continue reading Block Connections from Consumer VPN networks at gateway
When deriving a private key from a password, will the resulting secret key be any weaker if the user email is included in the function input? Meaning, user email concatenated with the user password.
I’m using scrypt for key derivation, wi… Continue reading derived key from email + password?
The nacl.cr.yp.to source code has separate methods for doing public key encryption: https://nacl.cr.yp.to/box.html and for verifying signatures: https://nacl.cr.yp.to/sign.html
I would expect that a private and public key ge… Continue reading Why don’t the nacl public key primitives for signatures and authenticated encryption use the same keys?
What, if anything, can be used to provide confidentiality and authenticity guarantees for the storage keys used to store data in a key-value store?
To be clear what I mean by the storage keys – I mean the “key” in “key-value… Continue reading Confidentiality and Authenticity of the Key in a Key-Value Store