Copyright | (c) Joseph Abrahamson 2013 |
---|---|
License | MIT |
Maintainer | me@jspha.com |
Stability | experimental |
Portability | non-portable |
Safe Haskell | None |
Language | Haskell2010 |
Secret-key authenticated encryption: Crypto.Saltine.Core.SecretBox
The secretbox
function encrypts and authenticates a message
ByteString
using a secret key and a nonce. The secretboxOpen
function verifies and decrypts a ciphertext ByteString
using a
secret key and a nonce. If the ciphertext fails validation,
secretboxOpen
returns Nothing
.
The Crypto.Saltine.Core.SecretBox module is designed to meet the standard notions of privacy and authenticity for a secret-key authenticated-encryption scheme using nonces. For formal definitions see, e.g., Bellare and Namprempre, "Authenticated encryption: relations among notions and analysis of the generic composition paradigm," Lecture Notes in Computer Science 1976 (2000), 531–545, http://www-cse.ucsd.edu/~mihir/papers/oem.html.
Note that the length is not hidden. Note also that it is the caller's responsibility to ensure the uniqueness of nonces—for example, by using nonce 1 for the first message, nonce 2 for the second message, etc. Nonces are long enough that randomly generated nonces have negligible risk of collision.
Crypto.Saltine.Core.SecretBox is
crypto_secretbox_xsalsa20poly1305
, a particular combination of
Salsa20 and Poly1305 specified in "Cryptography in NaCl"
(http://nacl.cr.yp.to/valid.html). This function is conjectured
to meet the standard notions of privacy and authenticity.
This is version 2010.08.30 of the secretbox.html web page.
Synopsis
- data Key
- data Nonce
- secretbox :: Key -> Nonce -> ByteString -> ByteString
- secretboxOpen :: Key -> Nonce -> ByteString -> Maybe ByteString
- secretboxDetached :: Key -> Nonce -> ByteString -> (ByteString, ByteString)
- secretboxOpenDetached :: Key -> Nonce -> ByteString -> ByteString -> Maybe ByteString
- newKey :: IO Key
- newNonce :: IO Nonce
Documentation
An opaque secretbox
cryptographic key.
Instances
Eq Key Source # | |
Ord Key Source # | |
IsEncoding Key Source # | |
Defined in Crypto.Saltine.Core.SecretBox encode :: Key -> ByteString Source # decode :: ByteString -> Maybe Key Source # encoded :: (Choice p, Applicative f) => p Key (f Key) -> p ByteString (f ByteString) Source # |
An opaque secretbox
nonce.
Instances
Eq Nonce Source # | |
Ord Nonce Source # | |
IsNonce Nonce Source # | |
IsEncoding Nonce Source # | |
Defined in Crypto.Saltine.Core.SecretBox encode :: Nonce -> ByteString Source # decode :: ByteString -> Maybe Nonce Source # encoded :: (Choice p, Applicative f) => p Nonce (f Nonce) -> p ByteString (f ByteString) Source # |
:: Key | |
-> Nonce | |
-> ByteString | Message |
-> ByteString | Ciphertext |
Encrypts a message. It is infeasible for an attacker to decrypt
the message so long as the Nonce
is never repeated.
:: Key | |
-> Nonce | |
-> ByteString | Ciphertext |
-> Maybe ByteString | Message |
Decrypts a message. Returns Nothing
if the keys and message do
not match.
:: Key | |
-> Nonce | |
-> ByteString | Message |
-> (ByteString, ByteString) | (Authentication Tag, Ciphertext) |
Encrypts a message. In contrast with secretbox
, the result is not
serialized as one element and instead provided as an authentication tag and
ciphertext.
secretboxOpenDetached Source #
:: Key | |
-> Nonce | |
-> ByteString | Auth Tag |
-> ByteString | Ciphertext |
-> Maybe ByteString | Message |
Decrypts a message. Returns Nothing
if the keys and message do
not match.