
Announcing TripleSec - JavaScript encryption combining Salsa20, AES, and 2fish - malgorithms
https://keybase.io/triplesec
======
genericacct
It's all very cool but "magic bytes"? When I encrypt data the last thing I
want is for its format to be easily recognizable.

~~~
maxtaco
That's a good point. You can feel free to strip them off. After byte 8, the
rest of the outputs will appear almost entirely random. It depends on your
usage. I'm imagining a database table on a server with a column of
TripleSec-encrypted values. In that case, the adversary knows what he/she is getting by
looking at the DB schema or reading the code.

------
maxtaco
Hi, Max here. I'm happy to answer questions about TripleSec, so let me know.

~~~
tptacek
Hi, Max. CTR doesn't have an IV. It has a nonce. IVs need to be unpredictable;
nonces only need to not repeat.

~~~
0xEA
Actually, you rarely want a predictable nonce as well. The difference is that
a nonce must not repeat (or repetition is statistically irrelevant).

Even per Wikipedia, many often refer to an IV as a nonce:
[http://en.wikipedia.org/wiki/Cryptographic_nonce](http://en.wikipedia.org/wiki/Cryptographic_nonce)

~~~
sdevlin
What problem does a predictable nonce cause?
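
Added example, not part of the thread and not TripleSec code: the no-repeat requirement for CTR nonces discussed above, shown with Node's built-in crypto module. The function names, the 12-byte nonce layout and the sample messages are assumptions made for illustration; it shows that a repeated nonce under one key exposes the XOR of the plaintexts, while distinct nonces (here sequential) do not.

```javascript
// Added example, not TripleSec code. Key and messages are constructed samples.
const crypto = require('node:crypto');

// AES-256-CTR. Node's "iv" argument is the initial 16-byte counter block:
// here a 12-byte nonce followed by a 4-byte block counter starting at 0.
function ctrEncrypt(key, nonce, plaintext) {
  const counterBlock = Buffer.concat([nonce, Buffer.alloc(4)]);
  const cipher = crypto.createCipheriv('aes-256-ctr', key, counterBlock);
  return Buffer.concat([cipher.update(plaintext), cipher.final()]);
}

function xor(a, b) {
  const out = Buffer.alloc(Math.min(a.length, b.length));
  for (let i = 0; i < out.length; i++) out[i] = a[i] ^ b[i];
  return out;
}

// Sequential nonce: message number in the last 4 bytes of the 12-byte nonce.
function sequentialNonce(n) {
  const nonce = Buffer.alloc(12);
  nonce.writeUInt32BE(n, 8);
  return nonce;
}

function demo() {
  const key = crypto.randomBytes(32);
  const p1 = Buffer.from('transfer 100 to alice', 'utf8');
  const p2 = Buffer.from('transfer 999 to carol', 'utf8');

  // Same key and same nonce: both messages are XORed with the same keystream,
  // so the keystream cancels out of c1 XOR c2.
  const repeated = crypto.randomBytes(12);
  const c1 = ctrEncrypt(key, repeated, p1);
  const c2 = ctrEncrypt(key, repeated, p2);
  const reuseLeaksXor = xor(c1, c2).equals(xor(p1, p2));
  // Anyone who knows p1 can then read p2 without the key.
  const recovered = xor(xor(c1, c2), p1).toString('utf8');

  // Same key, distinct nonces: the keystreams differ and nothing cancels.
  const c3 = ctrEncrypt(key, sequentialNonce(1), p1);
  const c4 = ctrEncrypt(key, sequentialNonce(2), p2);
  const uniqueLeaksXor = xor(c3, c4).equals(xor(p1, p2));

  return { reuseLeaksXor, recovered, uniqueLeaksXor };
}
```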

------
ocfx
I'm a security noob and I've been thinking about writing an encrypted chat
application with Node.js and Socket.io. I have the chat part already done, but
not exactly sure where to proceed with the encryption part. I don't want to
store data and I want the data that is being received and sent to be
encrypted. I was thinking of having users enter a room together with the same
key to use for decryption. This could potentially be something I use and I was
also considering using SJCL. Am I totally way off in my approach to this...?
Suggestions?

~~~
crazygringo
TripleSec seems to be only about the same person who did the encrypting, doing
the decrypting -- for securing your _own_ stuff, not really for communication.
Communication requires exchanging keys beforehand...

[Edit: meant encrypting not encoding... thanks Perseids]

~~~
Perseids
I may be a bit pedantic, but please don't use "encode" when you mean
"encrypt". These words describe two quite different concepts and guarantees.
Exchanging them the other way around produces catastrophic results like "Of
course we encrypt our passwords, we use the renowned base64".

