No no, this is "block" in the cryptography sense. It's the unit of computation of the cipher. For salsa20 and chacha20, the block size is 512 bits. You can still start the stream at an arbitrary byte by rounding to the closest block boundary and then throwing away the extra bytes. (You'd have to do the XOR'ing manually though, to start at the specific byte you want.)
But I definitely agree it'd be better to use boxes with authentication. -Kenton On Thu, Jan 13, 2022 at 12:19 PM Jens Alfke <j...@mooseyard.com> wrote: > > > > On Jan 13, 2022, at 9:31 AM, Kenton Varda <ken...@cloudflare.com> wrote: > > > > It looks like the chacha20 functions have variants with an "ic" > parameter, which lets you specify the block counter, but the salsa20 > functions don't have this for some reason. > > A block counter would still require dividing the stream into blocks. > Fixed-size blocks won’t work because the codec will stall until a block is > completed, which would deadlock most interactive protocols. > Variable-size blocks depend on the byte counts passed to the writer, which > then means writing the block size into the output, and assembling a block > on the read side. This turns out to be just as much work as using the > higher level APIs like crypto_secretstream_xchacha20poly1305, or for that > matter crypto_secretbox, both of which authenticate; so might as well just > use them. (As does Scuttlebutt.) > > Bizarrely, there appears to be no actual streaming API where your data > gets encrypted with successive portions of the infinite cipher stream. This > is further confirmation of my belief that cryptographers should never be > allowed to design APIs. > > So. Current plan is to write a stream wrapper around crypto_secretbox. > This involves annoying stuff like buffering data, but it’s not rocket > science. > > —Jens -- You received this message because you are subscribed to the Google Groups "Cap'n Proto" group. To unsubscribe from this group and stop receiving emails from it, send an email to capnproto+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/capnproto/CAJouXQ%3DWfGUUyKysUW_ODMt80uRn3XP0Cc%3DzBp%2BexSzocURgbw%40mail.gmail.com.
