1 unstable release

new 0.1.0 Oct 16, 2024

#843 in Cryptography

176 downloads per month
Used in 16 crates (13 directly)

AGPL-3.0-only

2.5MB
17K SLoC

The Aranya Cryptography Engine.

Overview

Instead of performing ad-hoc cryptography, Aranya's cryptography is centralized inside of the cryptography engine. The cryptographic APIs provided by the cryptography engine are described in multiple documents, including the IDAM and IDAM crypto specs.

While it's generally referred to as the cryptography engine, it's important to note that there can be multiple implementations of the cryptography engine. The cryptography engine requires a particular set of primitives, but allows users to choose their own algorithms.

Design

As mentioned above, the cryptography engine only requires certain cryptographic primitives, not algorithms. For instance, it requires an AEAD with at least a 128-bit security level, not AES-GCM.

The set of algorithms is referred to as a cipher suite. Each algorithm has an identifier that distinguishes it from other algorithms implementing the same primitive. For example, the identifier for AES-256-GCM is different from the identifier for ChaCha20Poly1305. The identifiers for the algorithms used by a particular cipher suite are referred to as the cipher suite's identifier, or "suite IDs."

Every cryptographic operation performed by the engine mixes in the cipher suite's identifier for domain separation and contextual binding purposes. Among other things, this helps prevent cross-version attacks.

Dependencies

~7–22MB
~268K SLoC