6 releases
| 0.3.0 | Mar 24, 2023 |
|---|---|
| 0.1.4 | Aug 15, 2022 |
| 0.1.3 | Oct 21, 2021 |
#2211 in Cryptography
22KB
426 lines
ROCCA-S for Rust
This is a Rust implementation of the ROCCA-S: an efficient AES-based encryption scheme for beyond 5G authenticated cipher, ported from the Zig implementation.
ROCCA-S is key committing, has a 256 bit key size, a 128 bit nonce, processes 256 bit message blocks and outputs a 256 bit authentication tag.
Cargo flags
std: allow dynamic allocations
std is the default.
IMPORTANT: In order to get decent code on x86 and x86_64 CPUs, you should set
additional rustc flags prior to compiling that crate or a project using it:
export RUSTFLAGS="-Ctarget-feature=+aes,+sse4.1"
A benchmark can be run that way:
export RUSTFLAGS="-C target-cpu=native -Ctarget-feature=+aes,+pclmulqdq,+sse4.1"
cargo bench
Benchmarks
Benchmarks take a 16384 bytes input block. Results are in bytes per second.
Rust implementations
Crates:
aes-gcmchacha20poly1305aegis128lrocca
Scaleway EPYC 7543 instance, RUSTFLAGS set.
| cipher | speed |
|---|---|
| aes256-gcm | 1.18 G/s |
| aes128-gcm | 1.24 G/s |
| chacha20-poly1305 | 1.62 G/s |
| aegis128l (rust) | 5.08 G/s |
| rocca | 5.09 G/s |
WebAssembly (Wasmtime)
| cipher | speed |
|---|---|
| aes256-gcm | 36.88 M/s |
| aes128-gcm | 44.13 M/s |
| chacha20-poly1305 | 193.05 M/s |
| aegis128l | 48.98 M/s |
| rocca | 58.61 M/s |
Other implementations
| cipher (implementation) | speed |
|---|---|
| aes256-gcm (OpenSSL) | 4.97 G/s |
| aes128-gcm (OpenSSL) | 6.89 G/s |
| chacha20-poly1305 (OpenSSL) | 2.67 G/s |
| aes128-ocb (OpenSSL) | 8.93 G/s |
Dependencies
~115KB