|
|
|
|
|
|
by d-z-m
615 days ago
|
|
|
Looks cool! a bit of crypto hygiene though, I'd recommend passing the ECDH output through a KDF before using it in xsalsa20-poly1305. Also, if you're using xsalsa20 anyway, why go through the trouble of doing incremental n0nces? One of the main benefits of opting for an extended-n0nce construction is that it simplifies n0nce handling greatly. Why not randomly generate the 24 byte n0nce and forget about the tricky and error prone project of ensuring n0nce uniqueness? |
|
|