[noise] Thoughts on semi-deterministic encryption

Tony Arcieri bascule at gmail.com
Tue Aug 26 13:13:52 PDT 2014

On Tuesday, August 26, 2014, Jonathan Moore <moore at eds.org> wrote:

> I am but I still need to encrypt the documents.

In past capability-based systems I've made that work like this[1] (where I
don't want them to be content addressable) I've used a random nonce.

If you're worried about nonce repetition due to a bad RNG, you can use
something like the current time for part of the nonce in addition to RNG.
That's cheaper than computing a content or ciphertext hash.

1: https://github.com/livingsocial/keyspace

Tony Arcieri
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/noise/attachments/20140826/394bbd73/attachment.html>

More information about the Noise mailing list