Introduction
The noise
package defines two sets of APIs: boxes and pipes. Boxes handle standalone messages, and pipes encrypt communication channels.
To begin, a sender and a receiver must create a keypair:
sender(senderPK, senderSK) <- code="" style="line-height: 16.12px; margin: 0px; padding: 0px;">createKeypair->
receiver
(receiverPK, receiverSK) <- code="" style="line-height: 16.12px; margin: 0px; padding: 0px;">
createKeypair->
Send the public keys around, and keep the private keys safe.
Box API
Boxes are created using seal
, and opened using open
:
>>>
b <- 32="" ello="" pack="" receiverpk="" seal="" sender="" span="" ust="" world="">>>>
print $ open receiverSK (Just senderPK) b
Just "Hello world!"
->
When creating a box, you specify the sending keypair, the receiving public key, the amount of random padding you want (to obscure the plaintext length), and the message. To open it, you specify the secret key of the receiving party, and the public key of the sender.
Attempting to open a box from someone other than the sender will result in failure.
Senders may also be anonymous, where the sender does not specify a long-term key pair:
>>>
b <- 32="" ello="" nothing="" pack="" receiverpk="" seal="" span="" world="">>>>
print $ open receiverSK Nothing b
Just "Hello world!"
->
In the above example, the sender of the box is anonymous without a keypair, and attempting to use a value other than Nothing
as the key will error. When the sender is anonymous, they are only identified by a short-term ephemeral key, which is used only once for the corresponding box.
Once you have encrypted a value using seal
, it can only be decrypted by the receiving party with the secret key. This property means that boxes are forward secret: once you are done creating them and have 'forgotten' the message, you cannot recover it. Furthermore, boxes are deniable: a recipient of a box can authenticate the sender. But they cannot produce signed evidence binding the sender to anything. Finally, boxes do not produce any evidence of who created them or who the receiver is, and resist tampering with a strong MAC.