All Questions
4
questions
2
votes
1
answer
199
views
48-bit nonce reuse with ChaCha20
The situation:
I have a group with 20 members, each member broadcasting 1 message per second. Communicating one on one is possible, but 1 message per member per second is the absolute limit and every ...
1
vote
1
answer
488
views
Is it okay to reuse a single symmetric key for a large volume of messages and HMACs, so long as "nonces" are randomly generated for both of them?
https://www.reddit.com/r/crypto/comments/fnku50/nonce_reuse_vs_iv_reuse/
Nonce reuse with the same key is catastrophic to security. The same premise holds for
initialization vectors. If the key ...
2
votes
1
answer
1k
views
Why is it secure to reuse key and nonce in ChaCha20-Poly1305 AEAD construction?
While looking at the ChaCha20 and Poly1305 AEAD construction as defined by RFC 8439, more precisely its use of the key and the nonce, I came up with the questions below. Maybe someone with some in-...
6
votes
1
answer
7k
views
What happens if a nonce is reused in ChaCha20-Poly1305?
In ChaCha20-Poly1305, I know that reusing a nonce loses confidentiality and integrity for all messages encrypted with the (key, nonce) pair.
However, is security affected for those messages encrypted ...