-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 29/11/14 00:35, Yawning Angel wrote:
On Fri, 28 Nov 2014 17:57:26 + Michael Rogers
mich...@briarproject.org wrote:
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256
On 28/11/14 15:50, Yawning Angel wrote:
A one time poly1305 key is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi,
In the obfs4 spec I couldn't find a description of how the secretbox
nonces for the frames are constructed. A 16-byte nonce prefix comes
from the KDF, but what about the remaining 8 (presumably
frame-specific) bytes?
If an attacker changes the
On Fri, 28 Nov 2014 13:08:04 +
Michael Rogers mich...@briarproject.org wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Hi,
In the obfs4 spec I couldn't find a description of how the secretbox
nonces for the frames are constructed. A 16-byte nonce prefix comes
from the KDF,
On Fri, 28 Nov 2014 14:47:29 +
Michael Rogers mich...@briarproject.org wrote:
I believe so too, but is it stated anywhere that this is a guaranteed
property of crypto_secretbox?
The Poly1305 authenticator is calculated based on the payload and the
nonce. In the case of the NaCL secretbox
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 28/11/14 15:50, Yawning Angel wrote:
A one time poly1305 key is calculated for each box, based on 32
bytes of zeroes encrypted with a one time Salsa20 key/counter
derived from the nonce and the box key. You can view the use of
Salsa20 there
On Fri, 28 Nov 2014 17:57:26 +
Michael Rogers mich...@briarproject.org wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 28/11/14 15:50, Yawning Angel wrote:
A one time poly1305 key is calculated for each box, based on 32
bytes of zeroes encrypted with a one time Salsa20