Crypto stream (stream cipher)

serokell / haskell-crypto

Haskell cryptography done right

https://hackage.haskell.org/package/crypto-sodium

16 stars 6 forks source link

Crypto stream (stream cipher) #5

Closed kirelagin closed 4 years ago

kirelagin commented 4 years ago

https://nacl.cr.yp.to/stream.html

Lazy ByteString?
ListT?
What to do about authentication?

kirelagin commented 4 years ago

See Crypto.Mac.Lazy, Crypto.Mac.Stream, and crypto-sodium-streamly.

kirelagin commented 4 years ago

Let’s restrict the scope of this issue to the NaCl-compatible (unauthenticated) streaming API. https://libsodium.gitbook.io/doc/advanced/stream_ciphers/xsalsa20

kirelagin commented 4 years ago

So, within the scope of this issues are only two simple functions: Crypto.Stream.create and Crypto.Stream.xor. The latter should come with a WARNING in haddock that it is inscure because there is no authentication, and thus should not be used, unless the developer knows exactly what they are doing and will have some other form of authentication of the data.

kirelagin commented 4 years ago

Actually, let’s make sure we do not expose this dangerous API from crypto-sodium and only expose it from NaCl.

kirelagin commented 4 years ago

Implemented in 35835f9f69116bdfe064725d24ea15f055c12176.