dchest / tweetnacl-js

Port of TweetNaCl cryptographic library to JavaScript
https://tweetnacl.js.org
The Unlicense
1.75k stars 292 forks

[Question] Is it safe to use the same Nonce for every message? #160

Closed ZeroHackeR closed 5 years ago

ZeroHackeR commented 5 years ago

Hi All and @dchest,

First of all, thanks for your awesome and simple library!

If I understand correctly, the Nonce can be shared publicly and it's not secret information. So, is it safe to use the same Nonce for every message for Box encryption?

As in this post, @dchest suggested to "use a random nonce every time".

So, what are the advantages of having a random unique Nonce over using the same Nonce?

dchest commented 5 years ago

So, is it safe to use the same Nonce for every message for Box encryption?

No, it is not safe.

So, what are the advantages of having a random unique Nonce over using the same Nonce?

The advantage is that your cryptography won't be broken.

Please see https://en.m.wikipedia.org/wiki/Cryptographic_nonce
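The effect described in the reply above, as an added example that is not part of the original thread or of tweetnacl-js: with one key and one nonce the cipher produces the same keystream, so two ciphertexts XOR to the XOR of their plaintexts. It assumes Node's built-in ChaCha20-Poly1305 as a stand-in for the XSalsa20-Poly1305 used by `nacl.box`, so that it runs without installing packages; the helper names and sample messages are constructed.

```javascript
// Added example. Stand-in cipher (assumption): Node's ChaCha20-Poly1305 instead of
// nacl.box's XSalsa20-Poly1305. Both encrypt by XORing a keystream into the message.
const nodeCrypto = require('crypto');

// Encrypt and return only the ciphertext bytes (the Poly1305 tag is not needed here).
function seal(key, nonce, plaintext) {
  const c = nodeCrypto.createCipheriv('chacha20-poly1305', key, nonce, { authTagLength: 16 });
  return Buffer.concat([c.update(plaintext), c.final()]);
}

function xor(a, b) {
  const out = Buffer.alloc(Math.min(a.length, b.length));
  for (let i = 0; i < out.length; i++) out[i] = a[i] ^ b[i];
  return out;
}

// Constructed sample data: one shared key, two equal-length messages.
const key = nodeCrypto.randomBytes(32);
const m1 = Buffer.from('transfer 100 to alice');
const m2 = Buffer.from('transfer 999 to carol');
const fixedNonce = Buffer.alloc(12); // the same nonce for every message

// Same key + same nonce: the keystream cancels, so c1 ^ c2 equals m1 ^ m2.
function reuseLeak() {
  const c1 = seal(key, fixedNonce, m1);
  const c2 = seal(key, fixedNonce, m2);
  return xor(c1, c2).equals(xor(m1, m2));
}

// Consequence: anyone who knows one message reads the other without the key.
function knownPlaintextRecovery() {
  const c1 = seal(key, fixedNonce, m1);
  const c2 = seal(key, fixedNonce, m2);
  return xor(xor(c1, c2), m1).toString();
}

// Fresh random nonce per message: the keystreams differ and the relation is gone.
// With tweetnacl the nonce would come from nacl.randomBytes(nacl.box.nonceLength).
function freshNonceLeak() {
  const c1 = seal(key, nodeCrypto.randomBytes(12), m1);
  const c2 = seal(key, nodeCrypto.randomBytes(12), m2);
  return xor(c1, c2).equals(xor(m1, m2));
}

console.log('reused nonce leaks m1^m2:', reuseLeak());
console.log('m2 recovered from known m1:', knownPlaintextRecovery());
console.log('fresh nonces leak m1^m2:', freshNonceLeak());
```

The nonce is public in both cases; what matters is that it is never repeated under the same key.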

ZeroHackeR commented 5 years ago

Thanks for your quick reply.

I thought the Nonce was the replacement for the "Prime and Generator" values used in Diffie-Hellman, which we can safely share publicly and keep the same. I guess I misunderstood the concept of Nonce. I will study the link provided.