Skip to content

TCL C Extension for encrypting Strings using Xsalsa20 and Poly1305

Notifications You must be signed in to change notification settings

tittof/FiSHDANCE

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

16 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

FiSHDANCE

This is a tcl c extension that provides an implementation of XSalsa20 with Poly1305 MAC (taken from libsodium)

It uses a mostly random nonce in front of every message.

8 Bytes of the nonce are used as timestamp in milliseconds since epoch and messages older than 10 seconds are discarded if they were successfully decrypted to mitigate replay.

The overhead (nonce + MAC) is 40 Bytes.

Make sure you feed a good key with enough entropy (256 Bit):

pwgen -s 1048576|xz -9ve -|wc -c

796718 <- result

echo "45*8*796718/1048576"|bc

273 <- result (Bits of entropy)

recommendation:
use pwgen -ns1 45 to get a good password because we just hash it
down to crypto_secretbox_KEYBYTES
using crypto_generichash (blake2b) without salt.

USAGE:

% load ./libfishdance.so
% ::fishdance::encrypt YoZw0ssp8bQUDhACIlYPXyeom5cIjl1pzmFWXbFdtN969 x
V0V19FsBAAAFkF1h9CfZbzNhCd/VKMo0Oc6aPRXOKRmfy1t6AaS6z6s=
% ::fishdance::decrypt YoZw0ssp8bQUDhACIlYPXyeom5cIjl1pzmFWXbFdtN969 V0V19FsBAAAFkF1h9CfZbzNhCd/VKMo0Oc6aPRXOKRmfy1t6AaS6z6s=
x
% ::fishdance::decrypt YoZw0ssp8bQUDhACIlYPXyeom5cIjl1pzmFWXbFdtN969 V0V19FsBAAAFkF1h9CfZbzNhCd/VKMo0Oc6aPRXOKRmfy1t6AaS6z6s=
message too old (0000000002486ms)

About

TCL C Extension for encrypting Strings using Xsalsa20 and Poly1305

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published