Introducing Miscreant: a multi-language misuse resistant encryption library
http://tonyarcieri.com/introducing-miscreant-a-multi-language-misuse-resistant-encryption-library [tonyarcieri.com]
2017-10-18 18:37
For the past several months I have been hacking on not just one, but five encryption libraries in five different languages (Go, Python, Ruby, Rust, and TypeScript). Tall order, I know. And worse, these libraries implement what I believe is a novel cryptographic construction. Are you terrified yet? Yes, I’m implementing novel cryptography, in several languages at that, but I’d like to convince you it’s not as scary as it sounds.
Miscreant implements two modes of AES which provide a unique property called “nonce reuse misuse resistance”. But to understand what that is, I first need to describe a nonce.