Poly1305 is a fast, one-time authentication function created by Daniel J.
Bernstein. It is infeasible for an attacker to generate an authenticator for a
message without the key. However, a key must only be used for a single message.
Authenticating two different messages with the same key allows an attacker to
forge authenticators for other messages with the same key.