Score:1

Disparity between PyNaCl docs and libsodium docs

us flag

So if we look here, it shows that libsodium uses three 3 different algorithms for this, which sounds weird to me, cause nothing indicates that anything besides Curve25519 is used in those specific functions (the boxes specifically take private and public keys and nothing indicates there is any key generation for XSalsa20):

https://doc.libsodium.org/public-key_cryptography/authenticated_encryption#algorithm-details

And if we look here, it is stated that the python implementation of this uses only Curve25519:

https://pynacl.readthedocs.io/en/latest/public/#algorithm


What is going on here?

Score:2
si flag

The python docs only lists the public-key algorithm, not all algorithms it uses. Poly1305 and XSalsa20 aren't public-key algorithms, and thus aren't listed. PyNacl's docs are simply incomplete, it uses libsodium internally.

It's worth noting that Curve25519 is only ever used for key exchange (in the X25519), never directly for encryption. Ed25519 uses a curve birationally equivalent to Curve25519 for signatures. While it's possible to use Curve25519 in an ElGamal encryption system that's non-standard and not a very good idea.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.