Libsodium SecretBox Online Tool

NaCl crypto_secretbox - XSalsa20-Poly1305 Authenticated Encryption

crypto_secretbox XSalsa20-Poly1305 PyNaCl Compatible
Created by @anish2good - Cryptography Engineer
Operation Mode
Message
Additional Authenticated Data (AAD)
This data is authenticated but NOT encrypted. Use for headers or metadata.
Secret Key & Nonce click to expand
8-byte nonce in hexadecimal format
About crypto_secretbox (XSalsa20-Poly1305)

Libsodium's crypto_secretbox is the same as NaCl's secretbox - authenticated encryption in one function.

  • XSalsa20: Extended-nonce Salsa20 stream cipher (192-bit nonce)
  • Poly1305: One-time MAC for authentication (16-byte tag)
  • 32-byte key: 256-bit secret key for encryption
  • Compatible: Works with PyNaCl, libsodium, TweetNaCl
Related NaCl Tools
NaCl XSalsa20 Encryption NaCl AEAD Encryption (This Tool) NaCl Box Encryption NaCl SealedBox Encryption

Support This Free Tool

Every coffee helps keep the servers running. Every book sale funds the next tool I'm dreaming up. You're not just supporting a site — you're helping me build what developers actually need.

500K+ users
200+ tools
100% private
One-time support Buy me a coffee 📚 Learn & support 9-Book Bundle - $9 Stay updated Follow @anish2good
Privacy Guarantee: Private keys you enter or generate are never stored on our servers. All tools are served over HTTPS.

Libsodium crypto_secretbox: Secret-key Authenticated Encryption

The crypto_secretbox function (also known as secretbox in NaCl) encrypts and authenticates a message using a single secret key and a nonce. It combines XSalsa20 encryption with Poly1305 authentication in a single operation.

Key Parameters

  • Key size: 32 bytes (256 bits) - crypto_secretbox_KEYBYTES
  • Nonce size: 24 bytes (192 bits) - crypto_secretbox_NONCEBYTES
  • MAC size: 16 bytes (128 bits) - Poly1305 authentication tag

Library Compatibility

This tool produces output compatible with:

  • PyNaCl: nacl.secret.SecretBox
  • libsodium: crypto_secretbox_easy()
  • TweetNaCl.js: nacl.secretbox()
  • Go: golang.org/x/crypto/nacl/secretbox

Security Notes

The nonce must be unique for each message encrypted with the same key. Never reuse a nonce - this would compromise security. The nonce doesn't need to be secret, only unique.

Learn more about NaCl Cryptography

What is NaCl (Networking and Cryptography Library)?

NaCl (pronounced "salt") is a high-speed, easy-to-use cryptography library created by Daniel J. Bernstein, the mathematician behind Curve25519 and ChaCha20. NaCl focuses on providing secure defaults and avoiding common cryptographic pitfalls.

Libsodium is a portable, cross-platform fork of NaCl with the same API but better packaging and additional algorithms. Most modern applications use libsodium.

NaCl Cryptographic Primitives

Function Algorithm Purpose
crypto_secretbox XSalsa20-Poly1305 Secret-key authenticated encryption
crypto_box Curve25519 + XSalsa20-Poly1305 Public-key authenticated encryption
crypto_box_seal X25519 + XSalsa20-Poly1305 Anonymous public-key encryption
crypto_stream XSalsa20 Stream cipher (no authentication)
crypto_sign Ed25519 Digital signatures
crypto_hash SHA-512 Cryptographic hashing
crypto_auth HMAC-SHA-512-256 Message authentication

Key Sizes & Parameters

Secret-key Encryption (secretbox)
  • Key: 32 bytes (256 bits)
  • Nonce: 24 bytes (192 bits)
  • MAC: 16 bytes (128 bits)
Public-key Encryption (box)
  • Public key: 32 bytes
  • Private key: 32 bytes
  • Nonce: 24 bytes
Important: Never reuse a nonce with the same key. The nonce doesn't need to be secret, only unique.

NaCl vs Libsodium vs TweetNaCl

Library Language Notes
NaCl C Original by D.J. Bernstein. Reference implementation.
Libsodium C Portable fork of NaCl. Most widely used. Adds AEAD, Argon2, etc.
TweetNaCl C (100 tweets) Minimal implementation in ~100 tweets. Auditable.
PyNaCl Python Python bindings to libsodium.
TweetNaCl.js JavaScript JavaScript port of TweetNaCl for browsers/Node.js.
Sodium (Go) Go golang.org/x/crypto/nacl

When to Use Each NaCl Function

Use secretbox when:
  • Both parties share the same secret key
  • Encrypting local data (file encryption)
  • Session encryption after key exchange
Use box when:
  • Sender and receiver have key pairs
  • Both parties need to be authenticated
  • Secure messaging between known parties
Use sealedbox when:
  • Sender wants to remain anonymous
  • Anonymous tip lines or feedback
  • Only recipient's public key is known
Use stream (XSalsa20) when:
  • You need raw stream cipher only
  • Implementing custom protocols
  • Warning: No authentication!

Code Examples

# PyNaCl - Secret Box Encryption
from nacl.secret import SecretBox
from nacl.utils import random

key = random(SecretBox.KEY_SIZE)  # 32 bytes
box = SecretBox(key)

# Encrypt
ciphertext = box.encrypt(b"Hello, World!")

# Decrypt
plaintext = box.decrypt(ciphertext)
// TweetNaCl.js - Secret Box Encryption
const nacl = require('tweetnacl');

const key = nacl.randomBytes(32);
const nonce = nacl.randomBytes(24);
const message = new TextEncoder().encode("Hello, World!");

// Encrypt
const ciphertext = nacl.secretbox(message, nonce, key);

// Decrypt
const plaintext = nacl.secretbox.open(ciphertext, nonce, key);
// Go - Secret Box Encryption
import "golang.org/x/crypto/nacl/secretbox"

var key [32]byte
var nonce [24]byte
rand.Read(key[:])
rand.Read(nonce[:])

// Encrypt
ciphertext := secretbox.Seal(nil, []byte("Hello"), &nonce, &key)

// Decrypt
plaintext, ok := secretbox.Open(nil, ciphertext, &nonce, &key)

Security Considerations

  • Nonce reuse: NEVER reuse a nonce with the same key. This completely breaks security.
  • Key management: Use proper key derivation functions (Argon2, HKDF) for password-based keys.
  • Random generation: Use cryptographically secure random number generators.
  • Timing attacks: NaCl/libsodium functions are designed to be constant-time.
  • Memory safety: Libsodium provides sodium_memzero() to securely clear sensitive data.

Learn More

Official Documentation
8gwifi.org NaCl Tools
Quick Access