18 releases (8 stable)
2.1.2 | Sep 6, 2022 |
---|---|
2.1.0 | Jul 19, 2022 |
1.3.0 | May 31, 2022 |
0.5.3 | Apr 29, 2022 |
0.5.2 | Mar 9, 2022 |
#1429 in Cryptography
Used in 2 crates
150KB
3K
SLoC
cosmian_crypto_base
This crate implements crypto primitives which are used in many other Cosmian crypto resources
- symmetric crypto: AES 256 GCM (pure and libsodium version), xChaCha20 (libsodium), FPE FF1 (pure)
- elliptic curves: Ristretto Curve 25519
- KDF: HKDF 256
- primes: routines to extract prime numbers up to 2^400
- entropy: Cryptographically secure pseudo random generators with normal and Gaussian distributions
- brc_cprf: BRC, a constrained PRF (see below)
- aes_hash_mmo: using the native implementation of AES 256 as a hash function.
- key wrapping/unwrapping by following rfc5649 and rfc3394
It also exposes a few traits, SymmetricCrypto
and AsymmetricCrypto
(aka Public Key Crypto), KEM
, DEM
,... which are used as building blocks for other constructions.
Building
Some of the encryption schemes (xChaCha20 in particular) use libsodium.
These schemes are not built by default, use --feature libsodium
to build them. The libsodium-dev
library should be installed on your system.
The default feature schemes can all be built to a WASM target.
Constrained PRF
This construct is a simple and efficient range-constrained PRF from the tree-based GGM PRF [GGM84].This instantiation has been described by Kiayiaset al.KPTZ13 and is called best range cover (BRC).
Benchmarks
Intel(R) Core(TM) i7-8700 CPU @ 3.20GHz - 6400 bogomips . Single Threaded.
Bench of leaves generation from a node with varying depth (2500 rounds per depth)
Average: 76 nano per leave for depth: 4 (16 leaves)
Average: 79 nano per leave for depth: 5 (32 leaves)
Average: 79 nano per leave for depth: 6 (64 leaves)
Average: 81 nano per leave for depth: 7 (128 leaves)
Average: 80 nano per leave for depth: 8 (256 leaves)
Average: 79 nano per leave for depth: 9 (512 leaves)
Average: 78 nano per leave for depth: 10 (1024 leaves)
Average: 78 nano per leave for depth: 11 (2048 leaves)
Average: 77 nano per leave for depth: 12 (4096 leaves)
Average: 77 nano per leave for depth: 13 (8192 leaves)
Average: 76 nano per leave for depth: 14 (16384 leaves)
Average: 77 nano per leave for depth: 15 (32768 leaves)
Average: 77 nano per leave for depth: 16 (65536 leaves)
Bench of a trapdoor serialization/de-serialization averaged over 50000 rounds
- 1 nodes: serialization/de-serialization 49/38 nanos)
- 2 nodes: serialization/de-serialization 54/39 nanos)
- 3 nodes: serialization/de-serialization 55/40 nanos)
- 4 nodes: serialization/de-serialization 69/49 nanos)
- 5 nodes: serialization/de-serialization 69/47 nanos)
- 6 nodes: serialization/de-serialization 73/49 nanos)
- 7 nodes: serialization/de-serialization 68/47 nanos)
- 8 nodes: serialization/de-serialization 73/50 nanos)
- 9 nodes: serialization/de-serialization 83/55 nanos)
- 10 nodes: serialization/de-serialization 82/56 nanos)
AES as a Hash Function
Using the native implementation of AES 256 as a hash function.
Implements the scheme of S. Matyas, C. Meyer and J. Oseas Hᵢ = E(Hᵢ₋₁, Xᵢ)^Xᵢ^Hᵢ₋₁ where the AES encryption of plaintext X with key K will is denoted with E(K, X)
see https://www.esat.kuleuven.be/cosic/publications/article-48.pdf
Since the block size is 16 and we need to encrypt 32 bytes (top get a 256 bit hash) we use AES in counter mode to encrypt two blocks of 16 bytes
Benchmarks
The Sha256 implementation is that of libsodium. The AES MMO implementation is particularly performing for data lengths that are multiples of 32 bytes.
Intel(R) Core(TM) i9-9980HK CPU @ 2.40GHz - 4800 bogomips . Single Threaded.
Average over 500000 rounds of 16 data bytes: nano per hash aes: 107; sha256 325
Average over 500000 rounds of 32 data bytes: nano per hash aes: 111; sha256 326
Average over 500000 rounds of 48 data bytes: nano per hash aes: 188; sha256 323
Average over 500000 rounds of 64 data bytes: nano per hash aes: 192; sha256 629
Average over 500000 rounds of 80 data bytes: nano per hash aes: 270; sha256 628
Average over 500000 rounds of 96 data bytes: nano per hash aes: 270; sha256 624
Average over 500000 rounds of 112 data bytes: nano per hash aes: 346; sha256 623
Average over 500000 rounds of 128 data bytes: nano per hash aes: 351; sha256 885
Average over 500000 rounds of 144 data bytes: nano per hash aes: 428; sha256 887
Average over 500000 rounds of 160 data bytes: nano per hash aes: 430; sha256 885
Average over 500000 rounds of 176 data bytes: nano per hash aes: 505; sha256 886
Average over 500000 rounds of 192 data bytes: nano per hash aes: 511; sha256 1146
Average over 500000 rounds of 208 data bytes: nano per hash aes: 585; sha256 1150
Average over 500000 rounds of 224 data bytes: nano per hash aes: 592; sha256 1149
Average over 500000 rounds of 240 data bytes: nano per hash aes: 667; sha256 1147
Average over 500000 rounds of 256 data bytes: nano per hash aes: 670; sha256 1405
Dependencies
~6.5MB
~125K SLoC