Stream encryption API #94
Comments
This is a great idea! I'm curious whether you plan on using such a feature anywhere specific?
XChaCha20Poly1305 is in the process of being standardised and is used quite a few other places as well. I see no issue with basing a streaming encryption API upon this. The libsodium secretstream is a good baseline for implementing it in orion.
Yes, this definitely seems worthwhile to provide. I have looked into it before, but not thought about specific requirements for such an implementation, which means we might need to re-iterate over its design a few times. Since you mentioned you already have a working implementation, you could open it as WIP while we work through it? |
Something that i would like to see in this library is an API for encrypting a stream of messages.
This is for example useful if a file is too large to be encrypted at once.
It is impotent for such an API that messages can not be modified , dropped or reordered. This means the complete stream needs to be authenticated.
Its also a requirement, that the same message, if encrypted repeatedly, produces different ciphertexts.
Libsodium provides such a functionality based on XChaCha20Poly1305.
https://download.libsodium.org/doc/secret-key_cryptography/secretstream
This functionality can also easily implemented for orion. (I already have a working, hazardous implementation for it )
The main problem that i see is that this algorithm isn't standardized.
If you want this functionality i can submit a pull request for this
The text was updated successfully, but these errors were encountered: