Encrypting & Nonce

Passing this along, FYI.

Crypto has always been a little mysterious to me.

I’ve been enjoying training videos by Caleb Doxsey and just created these examples. I like them for their clarity.

I’m using “golang.org/x/crypto/nacl/secretbox” and encrypting like this:

func encrypt(decrypted string, password [32]byte) string {
    var nonce [24]byte
    io.ReadAtLeast(rand.Reader, nonce[:], 24)
    encrypted := secretbox.Seal(nil, []byte(decrypted), &nonce, &password)
    return fmt.Sprintf("%x:%x", nonce[:], encrypted)
}

When I run the code, I get this:

BEFORE ENCRYPTION: some message that you want to store / send securely
ENCRYPTED:     2254e07684e278f7660a1bda741f02946837d03f1740ae4b:8b269d05b67a542145d91dfaf99d0642e6eb849b120545fc63d401a7f9767e7db3bf33d3b3c247a41172c132f6e487e2ac259dc2af844d631eb757068e7bfe68bd6330
AFTER DECRYPTING: some message that you want to store / send securely

The nonce is a number that is only used once. It helps prevent a replay attack.
Many thanks to Caleb Doxsey for his awesome trainings.

1 Like

This could be io.ReadFull and you should check the error return, lest you suddenly be encrypting all your stuff with the {0, 0, 0, ...} nonce.

3 Likes
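The failure mode described in the reply above, as an added example (not code from the original post or from the secretbox package). It uses only the standard library and leaves out the secretbox.Seal/Open calls; failingReader, uncheckedNonce, checkedNonce and splitSealed are hypothetical names, and the failing reader is a constructed stand-in for a broken entropy source.

```go
package main

import (
	"crypto/rand"
	"encoding/hex"
	"errors"
	"fmt"
	"io"
	"strings"
)

// failingReader is a constructed stand-in for a broken entropy source.
type failingReader struct{}
func (failingReader) Read([]byte) (int, error) { return 0, errors.New("no entropy") }

// uncheckedNonce mirrors the post: a failed read leaves the nonce all zero.
func uncheckedNonce(r io.Reader) (nonce [24]byte) {
	io.ReadAtLeast(r, nonce[:], 24)
	return nonce
}

// checkedNonce uses io.ReadFull and reports the failure to the caller.
func checkedNonce(r io.Reader) (nonce [24]byte, err error) {
	if _, err = io.ReadFull(r, nonce[:]); err != nil {
		return nonce, fmt.Errorf("reading nonce: %w", err)
	}
	return nonce, nil
}

// splitSealed parses the post's "%x:%x" output; the nonce must be 24 hex-encoded bytes.
func splitSealed(s string) (nonce [24]byte, box []byte, err error) {
	nonceHex, boxHex, ok := strings.Cut(s, ":")
	if !ok || len(nonceHex) != 2*len(nonce) {
		return nonce, nil, errors.New("malformed sealed value")
	}
	if _, err = hex.Decode(nonce[:], []byte(nonceHex)); err != nil {
		return nonce, nil, err
	}
	box, err = hex.DecodeString(boxHex)
	return nonce, box, err
}

func main() {
	fmt.Printf("unchecked, failing source: %x\n", uncheckedNonce(failingReader{}))
	_, err := checkedNonce(failingReader{})
	fmt.Println("checked, failing source:", err)
	n, err := checkedNonce(rand.Reader)
	fmt.Printf("checked, crypto/rand: %x (err=%v)\n", n, err)
}
```

A caller of checkedNonce should abort the encryption when it returns an error, and the decrypting side can pass the output of splitSealed to secretbox.Open.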

Thank you, Jakob!

1 Like
