如何使用salsa20计数器随机数? [英] How to use salsa20 counter nonce?

问题描述

1. 我不确定我是否正确:消息计数器可以用作/代替随机数?

我的意思是这样的消息:

I mean a message like this:

标题(2字节)|计数器(8bytes)|正文(已加密n个字节)| HMAC SHA1

Header(2bytes) | counter(8bytes) | Body(n bytes encrypted) | HMAC-SHA1

计数器= 1(位中的63 = 0)可以吗?

with counter = 1 (63 of the bits=0) is ok?

1. 我了解到，我绝不应该将同一密钥与同一随机数重复使用两次. 当新的连接开始并且计数器再次从1开始时，我该怎么办?

1. I understand that I should never use the same key with the same nonce twice. What do I do when a new connection is started and counter starts from 1 again?

推荐答案

我了解到，我绝不应该将同一密钥与同一随机数重复使用两次.当新的连接开始并且计数器再次从1开始时，我该怎么办?

I understand that I should never use the same key with the same nonce twice. What do I do when a new connection is started and counter starts from 1 again?

如果您使用具有相同密钥的随机数，则会发生这种情况.您应该将计数器(作为随机数使用)存储在客户端上的某个位置，针对发送的每条消息将其递增，然后在发送该消息之前将其写回到存储中.这很重要，因为如果您无法将其写回，而是发送消息，则下一条消息将使用相同的计数器.如果您不能将计数器写回去，那么您真的不应该发送消息.

If you re-use a nonce with the same key, this happens. You should store the counter, which you use as a nonce, somewhere on the client, increment it for every message that you send and write it back to storage before you send that message. This is important, because if you fail to write it back, but send the message, the next message will use the same counter. You really should not send the message if you can't write the counter back.

如果您无法在客户端上存储类似计数器的内容，则可以随机生成随机数. 64位不能提供足够的空间来提供良好的抗碰撞性.您应该期望在使用相同密钥的2 ³² 条消息之后出现第一个随机数冲突.如果您的消息比这少得多，那么您可以简单地生成一个随机随机数，并确定不会发生冲突.如果您想更加确定，请使用XSalsa20，它使用192位IV/nonce.

If you cannot store something like a counter on the client, then you can randomly generate the nonce. 64 bit does not provide much space for good collision resistance. You should expect to get the first nonce collision after 2³² messages with the same key. If you have much much fewer messages than this, then you can simply generate a random nonce and be fairly sure that there won't be a collision. If you want to be extra sure, use XSalsa20, which uses a 192 bit IV/nonce.

我不确定我是否正确:消息计数器可以用作/代替随机数?

I am not sure if I got it right: a counter of messages can be used as/instead of the nonce?

Nonce 表示使用一次的次数.如果您总是增加计数器，那么您将始终使用一次使用其他数字.因此，是的，计数器可以用作随机数.

Nonce means number used once. If you always increment the counter, then you will always have a different number which you use once. So, yes, a counter can be used as a nonce.

这篇关于如何使用salsa20计数器随机数?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！