Closed qxxxb closed 2 years ago
The signature can indeed act as a MAC, although when using sign-then-encrypt (rather than encrypt-then-sign as you do here) it can be used for fast integrity checking.
libhydrogen doesn't have a direct API to do unauthenticated encryption as this is generally a dangerous thing to do. However, hydro_random_buf_deterministic()
could be abused for that purpose, creating an arbitrary long key stream than you can then xor
with the message or the ciphertext.
Thanks!
Is there a way to do secret key encryption without authentication?
For context, I'm trying to implement a bootloader with this design:
Based on this design, it doesn't seem necessary to compute and verify a MAC that the
secretbox
API provides, which is why I posted this issue. Thanks!