Raw Sealed Box Encryption¶
Sealed box is a variant of public key encryption scheme where the sender is not authenticated. This is done by generating an ephemeral key pair, which the public key is prefixed to the cipher text.
First, generate a keypair for the receiver. The sender doesn’t need a keypair.
import libnacl
pk, sk = libnacl.crypto_box_keypair()
Then a sealed box is created by the sender, using the receiver’s public key
msg = 'Quiet, quiet. Quiet! There are ways of telling whether she is a witch.'
box = libnacl.crypto_box_seal(msg, pk)
The receiver then can decrypt the box using their keypair.
clear_msg = libnacl.crypto_box_seal_open(box, pk, sk)
To bring it all together:
import libnacl
pk, sk = libnacl.crypto_box_keypair()
msg = 'Quiet, quiet. Quiet! There are ways of telling whether she is a witch.'
box = libnacl.crypto_box_seal(msg, pk)
clear_msg = libnacl.crypto_box_seal_open(box, pk, sk)