Lib.rs

Cryptography
#blake3 #encryption #message #bin #mistakes #commitment #bessie

bessie

an authenticated, chunked cipher based on BLAKE3

by Jack O'Connor

5 releases

0.1.0 Feb 4, 2025
0.0.3 Aug 19, 2024
0.0.2 Mar 4, 2024
0.0.1 Jan 4, 2022
0.0.0 Jan 2, 2022

#493 in Cryptography

Download history 116/week @ 2025-01-31 24/week @ 2025-02-07 18/week @ 2025-02-14 3/week @ 2025-02-21 7/week @ 2025-02-28

354 downloads per month
Used in bessie_bin

CC0-1.0 OR Apache-2.0

47KB
751 lines

Bessie

docs.rscrates.io libcrates.io bin

Bessie is an authenticated, chunked cipher based on BLAKE3. The design has been stable for a while, but it hasn't been audited or used in the real world as far as I know. Use with caution.

Features and design goals:

  • general-purpose authenticated encryption
  • no practical limits on the number or size of messages
  • internal random nonce generation, to prevent mistakes
  • streaming encryption and decryption of large messages
  • seekable decryption of large messages
  • low overhead for small messages
  • key commitment

Non-features and non-goals:

  • Not formally/strongly misuse-resistant. Generating random nonces internally avoids a lot of common mistakes, and mixing auth tags into the stream makes nonce reuse somewhat less catastrophic. But nonce reuse does allow an attacker to mix-and-match chunks from different messages, and chunked/streaming constructions are also inherently vulnerable to nonce reuse exploits that all-at-once constructions like AES-SIV are not.
  • No built-in associated data parameters. Callers who need associated data can mix it with their key using a KDF or a keyed hash.

Although the Bessie cipher and its library implementations are eventually intended for production use, the bessie CLI tool will always be for testing and demo purposes only. A general-purpose encryption CLI for real people needs to support public-key encryption and various ways of encoding and managing keys, neither of which are in scope for this project. If you are a real person and you need a general-purpose encryption CLI, consider age.

Usage

To install the bessie CLI tool, which is for testing and demo purposes only:

cargo install bessie_bin

Or to build and install from this repo:

cargo install --path rust/bin

To encrypt and decrypt a 1 MB file using the all-zero key (seriously, testing and demo purposes only):

head -c 1000000 /dev/urandom > myfile
bessie encrypt zero myfile myfile_enc
bessie decrypt zero myfile_enc myfile_copy
cmp myfile myfile_copy

To decrypt just the last byte of the encrypted file:

bessie decrypt zero myfile_enc myfile_last --seek=999999

To run tests for the whole project:

./test.py

Dependencies

~2MB
~52K SLoC