有关NaCL加密库的问题 [英] Questions about the NaCL crypto library

问题描述

我在寻找库来实现一个加密系统，并有兴趣使用NaCl：网络和密码学库，特别是框功能。显然，它使用对称加密XSalsa20，Curve25519用于公共 - 私有密码术，Poly1305用于认证作为它的原语。

I was looking for libraries to implement an encryption system and was interested in using the NaCl: Networking and Cryptography library specifically the box function. Obviously, it uses symmetric encryption XSalsa20, Curve25519 for public-private cryptography and Poly1305 for authentication as the primitives for it.

然而，文档看起来不够他们已经被使用。例如，它提到要计算密钥，它使用发送者的私钥和接收者的公钥来计算密钥。但它不解释如何。任何人都可以忽略它吗？

However, the documentation looks to be insufficient in the way the they've been used. For example, it mentions that to compute the key it uses the sender's private key and the receiver's public key to compute the secret key. But it doesn't explain how. Can anyone shed any light on it?

如果我使用相同的公共和私人密钥，我不会在下次尝试时生成相同的密钥，这将是灾难性的。有没有人知道它的背后的解释或者挂钩我更多的文档如何功能工作，而不是如何使用这些功能。

If I were to use the same public and private key, I wouldn't the same key to be generated on the next attempt and it would be disastrous. Does anyone know of the explanation behind it or hook me up with some more documentation on how the functions work rather than how the functions can be used?

推荐答案

crypto_box 如何工作？

c>对两个密钥使用Diffie-Hellman密钥交换并对结果进行散列。然后它使用它作为 secret_box 的键。

• crypto_box 等效于 crypto_box_beforenm 后跟 crypto_box_afternm 。

crypto_box_beforenm 是按照Curve25519论文中描述的工作的散列密钥交换，使用椭圆曲线Diffie-Hellman密钥交换在Curve25519哈希结果与HSalsa。这产生一个32字节的共享密钥。

crypto_box_beforenm is the hashed key-exchange which works as described in the Curve25519 paper, using elliptic curve Diffie-Hellman key exchange on Curve25519 hashing the result with HSalsa. This yields a 32 byte shared key.

k = Hash（Curve25519（b，A））= Hash（Curve25519（a，B））

k = Hash(Curve25519(b, A)) = Hash(Curve25519(a, B))

crypto_box_afternm 与 crypto_secret_box 相同。它需要一个24字节的随机数和一个32字节的密钥。它是使用XSalsa20加密和Poly1305作为MAC的认证流密码。 XSalsa20的输出的前32个字节用于MAC，其余的是 xor 编入明文以加密它。

crypto_box_afternm is identical to crypto_secret_box. It takes a 24 byte nonce and a 32 byte key. It's an authenticated stream cipher using XSalsa20 for encryption and Poly1305 as MAC. The first 32 bytes of the output of XSalsa20 are used for the MAC, the rest are xored into the plaintext to encrypt it.

如果您使用两个固定的密钥对，

If you take two fixed key-pairs, the result of the key exchange will always be the same.

但对称部分 secret_box 是安全的，即使你使用一个键几次，只要你永远不会重用一个nonce的那个键，即（key，nonce）对必须是唯一的。

But the symmetric part secret_box is secure even when you use a key several times, as long as you never reuse a nonce for that key, i.e. the (key, nonce) pair must be unique.

这个属性是很多

创建唯一现时的常见方法是：

Common ways to create a unique nonce are:

• 使用8字节前缀和随机16字节值（无状态，随机16个字节最有可能是唯一的）


• 16字节前缀和8字节计数器（有状态，在每个数据包递增的连接中有用）

这篇关于有关NaCL加密库的问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！