aztec-nr - noir_aztec::messages::encryption::poseidon2

Function poseidon2_encrypt

pub fn poseidon2_encrypt<let L: u32>(
    msg: [Field; L],
    shared_secret: EmbeddedCurvePoint,
    encryption_nonce: Field,
) -> [Field; (L + 2) / 3 * 3 + 1]

Poseidon2 Encryption.

~160 constraints to encrypt 8 fields. Use this encryption scheme if you favour proving speed over long-term privacy for your users.

WARNING: Poseidon2 as an encryption scheme isn't considered as secure as more battle-tested encryption schemes, e.g. AES128. This is because:

If you want to protect your users' privacy decades into the future, it might be prudent to choose a more 'traditional' encryption scheme. If your app is "lower stakes", and your users will only care about their privacy in the near future or immediate future, then this encryption scheme might be for you!

See the paper: https://drive.google.com/file/d/1EVrP3DzoGbmzkRmYnyEDcIQcXVU7GlOd/view

Note: The return length is: L padded to the next multiple of 3, plus 1 for a message auth code of s[1].

@param encryption_nonce is only needed if your use case needs to protect against replay attacks.
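An added Python model of the output layout described in the note above (not aztec-nr code): it pads to a multiple of 3, appends one MAC field taken from s[1], and binds the ciphertext to the nonce. The `mix` function is a SHA-256 stand-in, not the Poseidon2 permutation, and the initial state layout and all names here are assumptions for illustration.

```python
import hashlib

# BN254 scalar field modulus, i.e. the range of a Noir `Field`.
P = 21888242871839275222246405745257275088548364400416034343698204186575808495617
TWO_128 = 1 << 128

def mix(state):
    """Stand-in for the width-4 Poseidon2 permutation: SHA-256 based, NOT Poseidon2."""
    seed = b"".join(x.to_bytes(32, "big") for x in state)
    return [int.from_bytes(hashlib.sha256(bytes([i]) + seed).digest(), "big") % P
            for i in range(4)]

def ciphertext_len(L):
    """L padded up to the next multiple of 3, plus 1 field for the MAC."""
    return (L + 2) // 3 * 3 + 1

def init_state(L, key_x, key_y, nonce):
    # Assumed layout: domain tag, shared-secret coordinates, nonce bound to the length.
    return [TWO_128, key_x, key_y, (nonce + L * TWO_128) % P]

def encrypt(msg, key_x, key_y, nonce):
    padded = list(msg) + [0] * (-len(msg) % 3)
    s, out = init_state(len(msg), key_x, key_y, nonce), []
    for i in range(0, len(padded), 3):
        s = mix(s)
        for j in range(3):                      # absorb 3 fields, emit them as ciphertext
            s[1 + j] = (s[1 + j] + padded[i + j]) % P
        out += s[1:4]
    return out + [mix(s)[1]]                    # final element: MAC taken from s[1]

def decrypt(ct, L, key_x, key_y, nonce):
    """Return the L plaintext fields, or None if length, padding or MAC check fails."""
    if len(ct) != ciphertext_len(L):
        return None
    s, msg = init_state(L, key_x, key_y, nonce), []
    for i in range(0, len(ct) - 1, 3):
        s = mix(s)
        msg += [(ct[i + j] - s[1 + j]) % P for j in range(3)]
        s[1:4] = ct[i:i + 3]                    # resynchronise state with the sender's
    if mix(s)[1] != ct[-1] or any(msg[L:]):
        return None
    return msg[:L]
```

A ciphertext produced under one nonce fails the MAC check under any other, which is what lets a receiver that tracks nonces reject replays.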