1 unstable release
Uses old Rust 2015
0.0.0 | Oct 22, 2019 |
---|
#36 in #stream-cipher
7KB
RustCrypto: stream ciphers
Collection of stream ciphers written in pure Rust.
⚠️ Security Warning: Hazmat!
Crates in this repository do not ensure ciphertexts are authentic (i.e. by using a MAC to verify ciphertext integrity), which can lead to serious vulnerabilities if used incorrectly!
Aside from the chacha20
crate, no crates in this repository have yet
received any formal cryptographic and security reviews/audits.
USE AT YOUR OWN RISK!
Crates
Name | Crate name | Crates.io | Docs | MSRV | Security |
---|---|---|---|---|---|
ChaCha | chacha20 |
💚 | |||
HC-256 | hc-256 |
💛 | |||
Rabbit | rabbit |
💛 | |||
RC4 | rc4 |
💔 | |||
Salsa20 | salsa20 |
💚 |
Security Level Legend
The following describes the security level ratings associated with each hash function (i.e. algorithms, not the specific implementation):
Heart | Description |
---|---|
💚 | No known successful attacks |
💛 | Theoretical break: security lower than claimed |
💔 | Attack demonstrated in practice: avoid if at all possible |
Minimum Supported Rust Version (MSRV) Policy
MSRV bump is considered a breaking change and will be performed only with a minor version bump.
Example
Crates functionality is expressed in terms of traits defined in the cipher
crate.
Let's use ChaCha20 to demonstrate usage of synchronous stream cipher:
use chacha20::ChaCha20;
// Import relevant traits
use chacha20::cipher::{KeyIvInit, StreamCipher, StreamCipherSeek};
use hex_literal::hex;
let key = [0x42; 32];
let nonce = [0x24; 12];
let plaintext = hex!("00010203 04050607 08090a0b 0c0d0e0f");
let ciphertext = hex!("e405626e 4f1236b3 670ee428 332ea20e");
// Key and IV must be references to the `GenericArray` type.
// Here we use the `Into` trait to convert arrays into it.
let mut cipher = ChaCha20::new(&key.into(), &nonce.into());
let mut buffer = plaintext.clone();
// apply keystream (encrypt)
cipher.apply_keystream(&mut buffer);
assert_eq!(buffer, ciphertext);
let ciphertext = buffer.clone();
// ChaCha ciphers support seeking
cipher.seek(0u32);
// decrypt ciphertext by applying keystream again
cipher.apply_keystream(&mut buffer);
assert_eq!(buffer, plaintext);
// stream ciphers can be used with streaming messages
cipher.seek(0u32);
for chunk in buffer.chunks_mut(3) {
cipher.apply_keystream(chunk);
}
assert_eq!(buffer, ciphertext);
License
All crates licensed under either of
at your option.
Contribution
Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.
Dependencies
~12KB