We have the need of saving encrypted data (general length 30-100 chars, unencrypted) into a database, this data will have to be read and decrypted in several different applications (PHP, python, ruby).
After doing a bit of research about it, and reaching libsodium, we have a few questions.
Between sodium_secretbox (sodium_crypto_box_xsalsa20poly1305) and sodium_crypto_aead_xchacha20poly1305_ietf which is nowadays recommended? Or do they fill different needs?
refs:
- https://github.com/jedisct1/libsodium/issues/554#issuecomment-317589724
- https://github.com/jedisct1/libsodium/issues/870#issuecomment-532221462
- https://doc.libsodium.org/secret-key_cryptography/aead#tl-dr-which-one-should-i-use
In the case of sodium_crypto_aead_xchacha20poly1305_ietf it seems to require additional data (https://github.com/jedisct1/libsodium/blob/master/src/libsodium/include/sodium/crypto_aead_xchacha20poly1305.h#L40) which is "used in the verification of the authentication tag appended to the ciphertext, but it is not encrypted or stored in the ciphertext". (https://security.stackexchange.com/questions/179273/what-is-the-purpose-of-associated-authenticated-data-in-aead)
Since the authenticated data is optional, sodium_crypto_aead_xchacha20poly1305 can be used like sodium_secretbox. But is it right (from a security perspective) to not add any authenticated data?
