Streaming encryption protocol based on libsodium's box primitive

The protocol uses symmetric crypto primitive from Sodium, leaves key distribution - arguably the most difficult part - beyond the scope.<p>I&#x27;m not a cryptographer, but I do know, that cryptographic protocols are damn hard and their design should be left to professionals.

Hi I am the author of this protocol (but I did not post it to hacker news)<p>To clarify: this is not a substitute for TLS, DTLS, Curvecp, or Noise-Pipes -- because there is no key agreement handshake.<p>You could use this <i>with</i> a suitable handshake protocol to encrypt the rest of the session, or you could encrypt a file.<p>Do not use this protocol on it&#x27;s own to encrypt a tcp connection. I have updated the protocols documentation to make this more clear.

This is a bit weird. Why not use an AEAD construction? Libsodium provides ChaCha20Poly1305, conform to RFC 7539.<p>The code is also confusing. &quot;box&quot; is actually the &quot;secretbox_easy&quot; operation, but rewritten using &quot;secretbox&quot;. Which intentionally doesn&#x27;t exist in libsodium.js because it only makes sense in C code.

Any idea how it compares to CurveCP [<a href="http:&#x2F;&#x2F;curvecp.org&#x2F;" rel="nofollow">http:&#x2F;&#x2F;curvecp.org&#x2F;</a>] and Noise [<a href="https:&#x2F;&#x2F;github.com&#x2F;trevp&#x2F;noise&#x2F;wiki" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;trevp&#x2F;noise&#x2F;wiki</a>]?

What are some uses people are thinking of after reading the README?<p>Here are some of mine:<p>* Encrypted live communication (video, voip, IM) via a web browser<p>* Could something like this be added to the SSL&#x2F;TLS security in HTTP?

Why should I ever use this instead of DTLS?

This would be great as a obfsproxy plugin if I understand it correctly