| Copyright | (c) Thomas DuBuisson 2017 |
|---|---|
| License | MIT |
| Maintainer | me@jspha.com |
| Stability | experimental |
| Portability | non-portable |
| Safe Haskell | None |
| Language | Haskell2010 |
Crypto.Saltine.Core.AEAD
Description
Secret-key authenticated encryption with additional data (AEAD): Crypto.Saltine.Core.AEAD
The aead function encrypts and authenticates a message
ByteString and additional authenticated data ByteString
using a secret key and a nonce. The aeadOpen
function verifies and decrypts a ciphertext ByteString using a
secret key and a nonce. If the ciphertext fails validation,
aeadOpen returns Nothing.
The Crypto.Saltine.Core.AEAD module is designed to meet the standard notions of privacy and authenticity for a secret-key authenticated-encryption scheme using nonces. For formal definitions see, e.g., Bellare and Namprempre, "Authenticated encryption: relations among notions and analysis of the generic composition paradigm," Lecture Notes in Computer Science 1976 (2000), 531–545, http://www-cse.ucsd.edu/~mihir/papers/oem.html.
Note that the length is not hidden. Note also that it is the caller's responsibility to ensure the uniqueness of nonces—for example, by using nonce 1 for the first message, nonce 2 for the second message, etc. Nonces are long enough that randomly generated nonces have negligible risk of collision.
Synopsis
- data Key
- data Nonce
- aead :: Key -> Nonce -> ByteString -> ByteString -> ByteString
- aeadOpen :: Key -> Nonce -> ByteString -> ByteString -> Maybe ByteString
- aeadDetached :: Key -> Nonce -> ByteString -> ByteString -> (ByteString, ByteString)
- aeadOpenDetached :: Key -> Nonce -> ByteString -> ByteString -> ByteString -> Maybe ByteString
- newKey :: IO Key
- newNonce :: IO Nonce
Documentation
An opaque secretbox cryptographic key.
Instances
| Eq Key Source # | |
| Ord Key Source # | |
| IsEncoding Key Source # | |
Defined in Crypto.Saltine.Core.AEAD Methods encode :: Key -> ByteString Source # decode :: ByteString -> Maybe Key Source # encoded :: (Choice p, Applicative f) => p Key (f Key) -> p ByteString (f ByteString) Source # | |
An opaque secretbox nonce.
Instances
| Eq Nonce Source # | |
| Ord Nonce Source # | |
| IsNonce Nonce Source # | |
| IsEncoding Nonce Source # | |
Defined in Crypto.Saltine.Core.AEAD Methods encode :: Nonce -> ByteString Source # decode :: ByteString -> Maybe Nonce Source # encoded :: (Choice p, Applicative f) => p Nonce (f Nonce) -> p ByteString (f ByteString) Source # | |
Arguments
| :: Key | |
| -> Nonce | |
| -> ByteString | Message |
| -> ByteString | AAD |
| -> ByteString | Ciphertext |
Encrypts a message. It is infeasible for an attacker to decrypt
the message so long as the Nonce is never repeated.
Arguments
| :: Key | |
| -> Nonce | |
| -> ByteString | Ciphertext |
| -> ByteString | AAD |
| -> Maybe ByteString | Message |
Decrypts a message. Returns Nothing if the keys and message do
not match.
Arguments
| :: Key | |
| -> Nonce | |
| -> ByteString | Message |
| -> ByteString | AAD |
| -> (ByteString, ByteString) | Tag, Ciphertext |
Encrypts a message. It is infeasible for an attacker to decrypt
the message so long as the Nonce is never repeated.
Arguments
| :: Key | |
| -> Nonce | |
| -> ByteString | Tag |
| -> ByteString | Ciphertext |
| -> ByteString | AAD |
| -> Maybe ByteString | Message |
Decrypts a message. Returns Nothing if the keys and message do
not match.