module RbNaCl
NaCl/libsodium for Ruby
NaCl/libsodium for Ruby
NaCl/libsodium for Ruby
NaCl/libsodium for Ruby
NaCl/libsodium for Ruby
Constants
- Box
Bind aliases used by the public API
- GroupElement
- OneTimeAuth
- PrivateKey
- PublicKey
- RandomNonceBox
The simplest nonce strategy that could possibly work
This class implements the simplest possible nonce generation strategy to wrap a
RbNaCl::Box
orRbNaCl::SecretBox
. A 24-byte random nonce is used for the encryption and is prepended to the message. When it is time to open the box, the message is split into nonce and ciphertext, and then the box is decrypted.Thanks to the size of the nonce, the chance of a collision is negligible. For example, after encrypting 2^64 messages, the odds of their having been repeated nonce is approximately 2^-64. As an additional convenience, the ciphertexts may be encoded or decoded by any of the encoders implemented in the library.
The resulting ciphertexts are 40 bytes longer than the plain text (24 byte nonce plus a 16 byte authenticator). This might be annoying if you're encrypting tweets, but for files represents a fairly small overhead.
Some caveats:
-
If your random source is broken, so is the security of the messages. You have bigger problems than just this library at that point, but it's worth saying.
-
The confidentiality of your messages is assured with this strategy, but there is no protection against messages being reordered and replayed by an active adversary.
-
- SecretBox
- SigningKey
- TEST_VECTORS
Reference library of test vectors used to verify the software is correct
- VERSION
The library's version
- VerifyKey