#aead #ascon #encryption

no-std ascon-aead

Implementation of the authenticated encryption schemes Ascon-128, Ascon-128a, and Ascon-80pq

7 unstable releases (3 breaking)

Uses new Rust 2021

0.4.0 Aug 1, 2022
0.3.0 Jun 3, 2022
0.2.0 May 28, 2022
0.1.4 Mar 14, 2022
0.1.0 Apr 28, 2021

#502 in Cryptography

Download history 77/week @ 2022-06-03 7/week @ 2022-06-10 2/week @ 2022-06-17 2/week @ 2022-06-24 14/week @ 2022-07-01 14/week @ 2022-07-08 6/week @ 2022-07-15 16/week @ 2022-07-22 40/week @ 2022-07-29 12/week @ 2022-08-05 6/week @ 2022-08-12 8/week @ 2022-08-19 8/week @ 2022-08-26 1/week @ 2022-09-02 39/week @ 2022-09-09 5/week @ 2022-09-16

53 downloads per month

MIT license

120KB
795 lines

Ascon

Pure Rust implementation of the lightweight Authenticated Encryption and Associated Data (AEAD) Ascon-128, Ascon-128a, and Ascon-80pq.

Security Notes

This crate has received no security audit. Use at your own risk.

License

This crate is licensed under the MIT license.


lib.rs:

Authenticated Encryption and Associated Data (AEAD) with Ascon

Security Notes

This crate has received no security audit. Use at your own risk.

Usage

Simple usage (allocating, no associated data):

use ascon_aead::{Ascon128, Key, Nonce}; // Or `Ascon128a`
use ascon_aead::aead::{Aead, KeyInit};

let key = Key::<Ascon128>::from_slice(b"very secret key.");
let cipher = Ascon128::new(key);

let nonce = Nonce::<Ascon128>::from_slice(b"unique nonce 012"); // 128-bits; unique per message

let ciphertext = cipher.encrypt(nonce, b"plaintext message".as_ref())
    .expect("encryption failure!"); // NOTE: handle this error to avoid panics!

let plaintext = cipher.decrypt(nonce, ciphertext.as_ref())
    .expect("decryption failure!"); // NOTE: handle this error to avoid panics!

assert_eq!(&plaintext, b"plaintext message");

In-place Usage (eliminates alloc requirement)

Similar to other crates implementing [aead] interfaces, this crate also offers an optional alloc feature which can be disabled in e.g. microcontroller environments that don't have a heap. See [aead::AeadInPlace] for more details.

# #[cfg(feature = "heapless")] {
use ascon_aead::{Ascon128, Key, Nonce}; // Or `Ascon128a`
use ascon_aead::aead::{AeadInPlace, KeyInit};
use ascon_aead::aead::heapless::Vec;

let key = Key::<Ascon128>::from_slice(b"very secret key.");
let cipher = Ascon128::new(key);

let nonce = Nonce::<Ascon128>::from_slice(b"unique nonce 012"); // 128-bits; unique per message

let mut buffer: Vec<u8, 128> = Vec::new(); // Buffer needs 16-bytes overhead for authentication tag
buffer.extend_from_slice(b"plaintext message");

// Encrypt `buffer` in-place, replacing the plaintext contents with ciphertext
cipher.encrypt_in_place(nonce, b"", &mut buffer).expect("encryption failure!");

// `buffer` now contains the message ciphertext
assert_ne!(&buffer, b"plaintext message");

// Decrypt `buffer` in-place, replacing its ciphertext context with the original plaintext
cipher.decrypt_in_place(nonce, b"", &mut buffer).expect("decryption failure!");
assert_eq!(&buffer, b"plaintext message");
# }

Dependencies

~0.6–1.3MB
~29K SLoC