Subject: Re: fun with nonces
From: pollux (at) *nospam* tilde.club (Stefan Claas)
Newsgroups: sci.crypt
Date: 08 Jul 2024, 19:35:12
Organization: ℭ𝔥𝔦𝔣𝔣𝔯𝔢𝔭𝔲𝔫𝔨𝔰
Message-ID : <84b011b66803d4588ad5a76a6ddb5b09bfe15aad@i2pn2.org>
User-Agent : flnews/1.3.0pre4 (for GNU/Linux)
Stefan Claas wrote:
> I believe that this scheme is secure enough when using it,
> for example, with Adiantum, and allows Alice and Bob not to
> worry about nonce creation, which they do not want to send
> to each other, and it is also easy to use and to understand.
[1] https://github.com/stefanclaas/nora
[2] https://github.com/stefanclaas/adiantum
A sample run of nora, Adiantum and Argon2id (for a deterministic
256 bit key):
$ argon2id -p test -s test -w key
(a26b1128e1240639f2379b66fc56ea00a0e93e976aade1227cc5b34b38d00a82)
$ nora -p test -n 10 -s
1: ad0cbbf918830532d767c8a480495cdc 20240708
2: 26976ec2d08a91b1db184f40deae2128 20240708
3: e825c6ce7b0a3abd7ccba70035a445c4 20240708
4: 1dcf05c05761384313be893293e05348 20240708
5: 00b601719fe6a69bd3e475177a9d1d8c 20240708
6: ee4eaa08a04ee004228b35f05a24dfc2 20240708
7: 275ce7188f08be7c289fb017dfb7edcf 20240708
8: 2d39733a7336d33f7b806f7a3e79fea6 20240708
9: f7e9275ddba627fc8a48b3ca71ac91e9 20240708
10: 8659306f69634b7127bdf3701c887747 20240708
$ echo -n 'Hi Alice, I arrived today at 06:00 PM.' | adiantum key n-1 > msg_enc.txt
$ hexdump -Cv msg.txt
00000000 48 69 20 41 6c 69 63 65 2c 20 49 20 61 72 72 69 |Hi Alice, I arri|
00000010 76 65 64 20 74 6f 64 61 79 20 61 74 20 30 36 3a |ved today at 06:|
00000020 30 30 20 50 4d 2e |00 PM.|
00000026
$ hexdump -Cv msg_enc.txt
00000000 d7 74 06 ca 73 bd a2 07 38 cb 80 0a 73 62 79 d6 |.t..s...8...sby.|
00000010 d4 89 96 a5 ff 5e f6 ba 4e 13 e0 a0 93 f8 81 88 |.....^..N.......|
00000020 c0 bb a3 a8 a8 42 |.....B|
00000026
As one can see, FPE (Format Preserving Encryption) is pretty cool,
because one can use it with a base26 encoder for SMS messages,
with an old feature phone and a cute GPD MicroPC, and does not
need a smartphone, which can be easily compromised with Pegasus etc.
-- 
Regards
Stefan
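The idea in the post is that Alice and Bob each derive the same numbered nonce list for a given day from a shared secret, so no nonce ever has to travel with the message. The block below is an added example of such a deterministic nonce schedule; it is not the nora tool's own code and does not reproduce nora's algorithm (which the post does not spell out). It assumes a hypothetical construction: a keyed BLAKE2b digest of the password, domain-separated from the encryption key, feeds an HMAC over "day || counter" to produce 128-bit nonces of the same shape as the listed ones. PBKDF2-HMAC-SHA256 stands in for the Argon2id key step only because it is in the Python standard library; the sample password, salt and dates are constructed for the demonstration. It also includes the check a practitioner would want before trusting such a schedule with a length-preserving cipher like Adiantum: that no nonce value repeats across counters and days, since a repeated (key, nonce) pair would reveal whether two plaintexts are equal.

```python
import hashlib
import hmac

# Constructed sample inputs for the demonstration (not the post's real values).
SHARED_PASSWORD = b"test"
SALT = b"test"
NONCE_LEN = 16  # 128-bit nonces, like the 32-hex-digit values in the post


def derive_key(password: bytes, salt: bytes) -> bytes:
    """Stand-in for the Argon2id key step (assumption: stdlib PBKDF2 instead).

    Returns a 256-bit key; the real tool derives it with Argon2id."""
    return hashlib.pbkdf2_hmac("sha256", password, salt, 200_000, dklen=32)


def nonce_secret(password: bytes) -> bytes:
    """Secret for the nonce schedule, domain-separated via BLAKE2b personalisation
    so the nonces are not derived from the encryption key itself (hypothetical)."""
    return hashlib.blake2b(password, digest_size=32, person=b"nonce-sched").digest()


def nonce_for(secret: bytes, day: str, counter: int) -> bytes:
    """Nonce number `counter` for calendar day `day` (YYYYMMDD).

    HMAC-SHA256 over day || '|' || counter, truncated to NONCE_LEN bytes, so every
    (day, counter) pair maps to its own value and Alice and Bob agree without
    ever sending a nonce."""
    msg = day.encode() + b"|" + counter.to_bytes(4, "big")
    return hmac.new(secret, msg, hashlib.sha256).digest()[:NONCE_LEN]


def nonce_schedule(password: bytes, day: str, count: int) -> list:
    """The numbered list 1..count for one day, as lowercase hex strings."""
    secret = nonce_secret(password)
    return [nonce_for(secret, day, i).hex() for i in range(1, count + 1)]


def no_repeats(password: bytes, days: list, count: int) -> bool:
    """Check that no nonce value appears twice across the given days/counters.

    With a deterministic length-preserving cipher, reusing (key, nonce) for two
    messages leaks whether those messages are identical, so a schedule must
    never collide."""
    seen = set()
    for day in days:
        for n in nonce_schedule(password, day, count):
            if n in seen:
                return False
            seen.add(n)
    return True


if __name__ == "__main__":
    today = "20240708"
    key = derive_key(SHARED_PASSWORD, SALT)
    alice = nonce_schedule(SHARED_PASSWORD, today, 10)
    bob = nonce_schedule(SHARED_PASSWORD, today, 10)
    assert alice == bob, "both sides must derive the same list"
    print("key:", key.hex())
    for i, n in enumerate(alice, 1):
        print(f"{i}: {n} {today}")
    print("no repeats across two days:", no_repeats(SHARED_PASSWORD, [today, "20240709"], 10))
```

Both sides run the same code with the same password and date and pick nonce n for message n; the counter must advance per message (and the date roll over) so that a (key, nonce) pair is never used for two different plaintexts, which the `no_repeats` check verifies for a chosen window.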