Transparent Peer Review By Scholar9
Blockchain and Hybrid Encryption: A Dual Layer Approach to Secure Data Communication
Abstract
In today's digitally connected environment, ensuring the confidentiality, integrity, and authenticity of transmitted information is crucial. This research presents a dual-layer security architecture that integrates blockchain technology with a hybrid encryption approach to strengthen the protection of digital communications. The system utilizes ChaCha20-Poly1305, an authenticated encryption algorithm known for its speed and security, to encrypt data efficiently. Elliptic Curve Cryptography (ECC) is adopted for secure and lightweight key exchange. To verify message integrity and authenticity, the framework incorporates SHA-256 for generating cryptographic hashes and ECDSA for producing verifiable digital signatures. The blockchain component serves as a decentralized and tamper-resistant ledger that stores essential communication metadata, preventing unauthorized access or alteration. This combined methodology provides a scalable, robust, and efficient solution to modern cybersecurity concerns. Theoretical analysis and architectural design confirm the feasibility and effectiveness of employing blockchain alongside hybrid encryption for securing data transmission in real-world applications.
Niravkumar K Patel Reviewer
Hello Researcher,
I hope you are doing well. Thanks for giving me the chance to review the research paper on blockchain and hybrid encryption. I like the research paper's efficiency in the encryption and dual-way authentication, and it will process very fast compared to other algorithms. The paper shows the in-depth process of the authentication and authorization technique, which is also correct, but I can see that the ChaCha20-Poly1305 algorithm has an issue with nonce management, with duplicate generation of the ID for authentication, and it can be a security concern because they can decrypt and use the same nonce with data manipulations.
I suggest two ways to improve this implementation process.
And it can have these problems.
Never reuse a nonce with the same key. Period.
Use authenticated encryption (like ChaCha20-Poly1305) to prevent tampering.
Persist counters or track random nonces to prevent collisions.
Encrypt with fresh keys frequently if you can’t trust your nonce logic.
Use a well-tested crypto library
I think if you can try to add and implement with correct nonce management techniques, such as
1) Advanced: Using libsodium (PyNaCl or native)
Libsodium simplifies nonce management with crypto_aead_chacha20poly1305_ietf, using best practices internally. For example:
from nacl.secret import SecretBox
from nacl.utils import random

# SecretBox has no generate() method; draw a random 32-byte key instead
key1 = random(SecretBox.KEY_SIZE)
box1 = SecretBox(key1)
nonce1 = random(SecretBox.NONCE_SIZE)  # 24 bytes. For SecretBox only. For AEAD: use 12-byte.
ciphertext = box1.encrypt(b"secret data", nonce1)
2) Use UUID generation plus Key Derivation for a unique nonce key
from cryptography.hazmat.primitives.kdf.hkdf import HKDF
from cryptography.hazmat.primitives.hashes import SHA256
from cryptography.hazmat.primitives.ciphers.aead import ChaCha20Poly1305
import uuid
import os
# Master key generation
master_key = os.urandom(32) # 256-bit base key
# Generate UUIDv4 key id
message_uuid = uuid.uuid4().bytes # 16 bytes
# Derive a unique key per message to process into systems
hkdf = HKDF(
    algorithm=SHA256(),
    length=32,
    salt=None,
    info=b'per-message-key',
)
derived_key = hkdf.derive(master_key + message_uuid)
# Use a constant nonce, since key is now unique
nonce = b'\x00' * 12
aead = ChaCha20Poly1305(derived_key)
ciphertext = aead.encrypt(nonce, b"secret data", None)
This will help to generate the duplicate ID, and it will prevent security issues because security is most important in the authentication process. I have used several authentication previously and show this kind of problem. I have overcome this process previously.
Overall, the research paper is good. I like it.
Thanks,
Niravkumar Patel
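The "persist counters" option from the reviewer's list, as an added example that is not part of the review or the paper: a counter-based 96-bit nonce source that reserves a block of counters on disk before handing any out, so a restart can never repeat a nonce under the same key. The class name, block size, state-file layout and prefix are assumptions, and it assumes a single writer per key and state file.

```python
import os
import struct
import tempfile

class PersistentNonceCounter:
    """96-bit nonce = 4-byte fixed prefix + 8-byte counter, for ONE key.
    A block of counters is fsynced to disk before any nonce from it is
    returned, so a crash or restart skips ahead and never repeats."""
    BLOCK = 1024  # counters reserved per disk write (assumed value)
    def __init__(self, state_path, prefix):
        if len(prefix) != 4:
            raise ValueError("prefix must be exactly 4 bytes")
        self.state_path, self.prefix = state_path, prefix
        self.next = self._load()  # first counter never promised to anyone
        self.limit = self.next    # nothing reserved yet in this process

    def _load(self):
        try:
            with open(self.state_path, "rb") as f:
                return struct.unpack(">Q", f.read())[0]  # corrupt file raises
        except FileNotFoundError:
            return 0

    def _reserve(self):
        new_limit = self.limit + self.BLOCK
        if new_limit >= 2**64:
            raise OverflowError("nonce space exhausted: rotate the key")
        tmp = self.state_path + ".tmp"
        with open(tmp, "wb") as f:
            f.write(struct.pack(">Q", new_limit))
            f.flush()
            os.fsync(f.fileno())
        os.replace(tmp, self.state_path)  # atomic swap of the state file
        self.limit = new_limit

    def next_nonce(self):
        if self.next >= self.limit:
            self._reserve()
        nonce = self.prefix + struct.pack(">Q", self.next)
        self.next += 1
        return nonce  # 12 bytes, the size ChaCha20Poly1305.encrypt() expects

def simulate_restart(prefix=b"\x00\x00\x00\x01"):
    """Constructed scenario: 3 nonces, in-memory state lost, 3 more."""
    path = os.path.join(tempfile.mkdtemp(), "nonce.state")
    first = PersistentNonceCounter(path, prefix)
    before = [first.next_nonce() for _ in range(3)]
    second = PersistentNonceCounter(path, prefix)  # simulated restart
    after = [second.next_nonce() for _ in range(3)]
    return before, after
```

After the simulated restart the counter resumes at 1024 rather than 3: the unused remainder of the reserved block is discarded, which costs nonce space but never produces a repeat.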
IJ Publication Publisher
Dear Sir,
Thank you for your prompt response. We have noted your comments and shared them with the author for further action.
Approved
Niravkumar K Patel Reviewer