Bigger keys, please.

[AlastairGrowcott]

As far as I can tell the sodium_crypto_secretbox() APIs use a 256 bit key. The sodium_crypto_sign() API uses a 512 bit key. 2048 bit keys have been around for ages.

Is there a reason that libsodium uses such small keys?

Other crypto libraries allow you to choose your encryption algorithm and key size. Is there an API in libsodium that allows the same?

[emilbayes]

You are comparing apples to oranges. Libsodium uses elliptic curves, namely Ed25519 for signing and Curve25519/X25519 for encryption, which has 128-bit security level at 256-bit keys. You are thinking of RSA when talking about 2048 bits, which is completely different.

[enkore]

secretbox is actually not even asymmetric; it's symmetric authenticated encryption. Symmetric encryption very rarely sees use of keys in excess of 256 bits. There were never many algorithms which supported more, and most which did, are very old and weak algorithms like RC4 or oddball 320 bit NSA ciphers where half of the key is ECC.

There simply isn't any point in larger keys.

Other crypto libraries allow you to choose your encryption algorithm and key size. Is there an API in libsodium that allows the same?

One of the design aspects of libsodium is that it doesn't give you that choice, because this is an area where non-crypto developer often make mistakes. The libsodium design is to give you cryptographic abstractions like secretbox, crypto_box and secretstream, which don't have any knobs and won't fall apart unless you mishandle your private keys.

[AlastairGrowcott]

Thank you for the information and for taking the time to answer my question. I have to admit to total unfamiliarity with elliptic curve cryptography. I will go and do some research.