[lib] implement secretbox symmetric encryption

Question

[lib] implement secretbox symmetric encryption

Closed this issue 4 years ago · 3 comments

Follow https://github.com/vocdoni/dvote-flutter-crypto

Answer 1 · 2021-02-19T18:49:28.000Z

@brickpop I understand that the following dvote-flutter-crypto functions and the decryption ones should be ported to dvote-js, right?
encryptSymmetricString
https://github.com/vocdoni/dvote-flutter-crypto/blob/fd123e1be4620b73e6d2ba6e60a289e8733a8b51/lib/dart/encryption.dart#L33
decryptSymmetricString
https://github.com/vocdoni/dvote-flutter-crypto/blob/fd123e1be4620b73e6d2ba6e60a289e8733a8b51/lib/dart/encryption.dart#L63

Answer 2 · 2021-02-22T20:02:59.000Z

So far we were only using the asymmetric encryption, at a protocol level:
https://github.com/vocdoni/dvote-js/blob/main/src/util/encryption.ts

Symmetric encryption was only used locally within the app, so I guess we do need to export a wrapper.
There must be libraries providing this

Answer 3 · 2021-02-25T12:18:16.000Z

Consider:

Secretbox uses XSalsa20 and Poly1305 to encrypt and authenticate messages with secret-key cryptography. 
The length of messages is not hidden.

It is the caller's responsibility to ensure the uniqueness of nonces—for example, by using nonce 1 for the first message, nonce 2 for the second message, etc. 
Nonces are long enough that randomly generated nonces have negligible risk of collision.