I read that a (key, nonce) pair should be used only once for encryption of a message. My question is how confidentiality can be lost if two peers using a shared key use the same (key, nonce) pair to encrypt their own messages (the messages of the peers would be different).
If you reuse a (key, nonce) pair with a stream cipher (like ChaCha) you leak the XOR of the encrypted messages. – SEJPM Jul 23 '18 at 09:38

Using the same (key, nonce) in a stream cipher means you're getting the same key stream. Breaking those is equivalent to breaking a one-time-pad with key reuse. – CodesInChaos Jul 23 '18 at 10:23
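The leak both comments describe, as an added example that is not part of the original thread: two peers encrypt different messages under the same (key, nonce), and an observer without the key obtains the XOR of the two plaintexts. The keystream function is a SHA-256 counter-mode stand-in for a real stream cipher such as ChaCha (an assumption made to keep the example dependency-free), and the key, nonces and messages are constructed.

```python
import hashlib

def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Stand-in keystream generator (SHA-256 in counter mode), NOT ChaCha.
    # Like any stream cipher, its output depends only on (key, nonce).
    out = bytearray()
    counter = 0
    while len(out) < length:
        block = key + nonce + counter.to_bytes(8, "little")
        out += hashlib.sha256(block).digest()
        counter += 1
    return bytes(out[:length])

def xor(a: bytes, b: bytes) -> bytes:
    # XOR over the common prefix of both inputs.
    return bytes(x ^ y for x, y in zip(a, b))

def encrypt(key: bytes, nonce: bytes, plaintext: bytes) -> bytes:
    return xor(plaintext, keystream(key, nonce, len(plaintext)))

def observer_view(c1: bytes, c2: bytes) -> bytes:
    # What a passive observer can compute from two ciphertexts alone.
    # With a shared (key, nonce) the keystream cancels: c1 ^ c2 == p1 ^ p2.
    return xor(c1, c2)

def recover_with_known_plaintext(c1: bytes, c2: bytes, known_p1: bytes) -> bytes:
    # If one message is known or guessable, the other follows directly.
    return xor(observer_view(c1, c2), known_p1)

# Constructed sample values (not from the original page).
KEY = bytes(range(32))
NONCE = bytes(12)
OTHER_NONCE = (1).to_bytes(12, "little")
P_ALICE = b"Alice: transfer 100 to account 1"
P_BOB = b"Bob: the meeting moved to Friday"

if __name__ == "__main__":
    c_alice = encrypt(KEY, NONCE, P_ALICE)
    c_bob = encrypt(KEY, NONCE, P_BOB)            # same (key, nonce): reuse
    c_bob_ok = encrypt(KEY, OTHER_NONCE, P_BOB)   # fresh nonce: no reuse

    leaked = observer_view(c_alice, c_bob)
    print("reuse leaks p1^p2:", leaked == xor(P_ALICE, P_BOB))
    print("recovered:", recover_with_known_plaintext(c_alice, c_bob, P_ALICE))
    print("fresh nonce leaks p1^p2:",
          observer_view(c_alice, c_bob_ok) == xor(P_ALICE, P_BOB))
```

This is the one-time-pad key-reuse situation from the second comment: the key never has to be recovered, because the shared keystream cancels out of the two ciphertexts.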