Commit cb927331 authored by Éloïs's avatar Éloïs
Browse files

[RFC17] nonce is salt

parent 3bbe0d07
......@@ -11,17 +11,19 @@ We use nacl function [crypto_box_beforenm]. Then use scrypt with a random nonce.
Let `R = crypto_box_beforenm(Sa, Pb) = crypto_box_beforenm(Sb, Pa)`.
Let `n` be a random nonce of 12 bytes.
Let `s` be a random salt of 16 bytes.
The symmetric encryption key `k` is obtained as follows:
`k = scrypt(R, SHA256(n))`
`k = scrypt(R, s)`
With following parameters for scrypt:
```txt
N = 4096
r = 16
password = R
Salt = s
N = 1024
r = 12
p = 1
dkLen = message length
```
......@@ -32,11 +34,11 @@ Encrypt bit per bit with XOR cipher.
## Serialize encrypted message with meta data
| Prefix | Message type | Message length | Nonce | Encrypted message |
| Prefix | Message type | Message length | Salt | Encrypted message |
|:-------:|:------------:|:--------------:|:--------:|:-----------------:|
| 2 bytes | 1 byte | 1 byte | 12 bytes | Any bytes |
| 2 bytes | 1 byte | 1 byte | 16 bytes | Any bytes |
The maximum length of a message is 173 bytes.
The maximum length of a message is 169 bytes.
### Prefix
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment