Secret-key single-message authentication using Poly1305
One-time authentication in Sodium uses Poly1305, a Wegman-Carter authenticator designed by D. J. Bernstein.
Poly1305 takes a 32-byte, one-time key and a message and produces a 16-byte tag that authenticates the message such that an attacker has a negligible chance of producing a valid tag for a inauthentic message.
Keys should never be reused, even with different messages.
Example
const string MESSAGE = "Data to authenticate";
var key = OneTimeAuth.GenerateKey();
//get the authentication code
var signature = OneTimeAuth.Sign(MESSAGE, key);
if (OneTimeAuth.Verify(MESSAGE, signature, key)) {
//message ok
}
Random Helpers
public static byte[] GenerateKey()
Namespace: Sodium.OneTimeAuth
Uses Sodium.SodiumCore.GetRandomBytes() to generate a 32 byte key.
Usage
Sign
public static byte[] Sign(byte[] message, byte[] key)
//there exists an overloaded version:
public static byte[] Sign(string message, byte[] key)
This is the .NET equivalent of crypto_onetimeauth.
Namespace: Sodium.OneTimeAuth
The Sign() function authenticates a message, with a key.
The key must be 32 bytes, otherwise the function throws a KeyOutOfRangeException.
The function returns a 16 (authenticator) byte array.
Verify
public static bool Verify(byte[] message, byte[] signature, byte[] key)
//there exists an overloaded version:
public static bool Verify(string message, byte[] signature, byte[] key)
This is the .NET equivalent of crypto_onetimeauth_verify.
Namespace: Sodium.OneTimeAuth
The Verify() function verifies a message, with a signature and a key.
The key must be 32 bytes, otherwise the function throws a KeyOutOfRangeException.
The signature must be 16 bytes, otherwise the function throws a SignatureOutOfRangeException.
The function returns true on success, otherwise false.
Algorithm details
- Poly1305