#crypto #aes #keywrap #aes-kw

no-std aes-keywrap

AES Key Wrap construction (AES-KW, RFC 3394 / RFC 5649)

5 releases

0.2.3 May 27, 2021
0.2.2 Apr 30, 2021
0.2.1 Mar 14, 2021
0.2.0 Oct 19, 2020
0.1.0 Oct 13, 2020

#727 in Cryptography

ISC license

281 lines

AES Key Wrap for Rust

AES Key Wrap is a construction to encrypt secret keys using a master key.

This is an AES-KWP (NIST SP800-38F) implementation for Rust.

It is essentially a 5 round Feistel network using AES as the core function. One half of each AES block is used to encrypt the key, and the second half of the last permutation is used to compute a 64-bit MAC.

It doesn't require nonces, but still allows key reuse.

This is a NIST-blessed construction. Other than that, AES Key Wrap is inefficient and is generally not very useful.


~13K SLoC