Yuriy, On Tue, Jan 21, 2014 at 01:32:23PM +0400, Yuriy Kaminskiy wrote:
Correct format should be: 6[1]|temp_keypair.pubkey|len(recipients)[4]|(recipients...)|(secretboxes...)
Let me recap to see if I really got it right: the sender does: - generate a random single-use keypair - generate a random secretbox key - secretbox the message 32k-wise with the former - box that key for each recipient - put into the output the cipher, the recipient stuff and the public key part of the random single-use keypair Is that right? So, in order to communicate with someone, only user A has to publish her public key. User B takes it, box()es a message for her, puts his (random) pk into it and sends it. A then uses the public key included in the message plus her own secret key, decrypts the message and drops B's public key afterwards. Because, usually with curve25519 both A and B had to exchange their public keys in advance to be able to communicate. The scheme above makes it a lot easier for users but is it sufficient securitywise? best, Tom -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.