Lib.rs

Cryptography
#block-cipher #block-size #128-bit #encryption-key #64-bit #sip-hash #hash

sparx

SPARX block ciphers implementations

by Frank Denis

3 releases

0.1.2 Mar 12, 2019
0.1.1 Feb 17, 2017
0.1.0 Feb 16, 2017

#1790 in Cryptography

Download history 1212/week @ 2023-12-07 1416/week @ 2023-12-14 1911/week @ 2023-12-21 964/week @ 2023-12-28 2623/week @ 2024-01-04 1549/week @ 2024-01-11 1135/week @ 2024-01-18 2189/week @ 2024-01-25 1856/week @ 2024-02-01 1318/week @ 2024-02-08 2115/week @ 2024-02-15 2667/week @ 2024-02-22 1918/week @ 2024-02-29 2124/week @ 2024-03-07 2020/week @ 2024-03-14 1465/week @ 2024-03-21

7,928 downloads per month
Used in 9 crates (2 directly)

ISC license

20KB
380 lines

SPARX block ciphers implementations for Rust

SPARX is a family of lightweight block ciphers allowing small processors to securely encrypt information for a fraction of the cost a standard algorithm would require.

Due to the use of ARX operations, these block ciphers are inherently more secure against side-channel attacks than an S-Box-based cipher such as AES.

Furthermore, unlike all other ARX-based, which share those advantages, SPARX ciphers are the only ARX-based block ciphers for which bounds on the probability of differential and linear trails can be proved.

To sum up, SPARX has:

  • the lightweightness and side-channel resilience of an ARX-based cipher,
  • the security argument of an S-Box-based cipher, and
  • a flexible structure easing implementation trade-offs.

Usage

This crate implements SPARX-64/128 (64 bit block size, 128 bit key) in the sparx64 module and SPARX-128/128 (128 bit block size, 128 bit key) in the sparx128 module.

It doesn't require the Rust standard library.

Encryption of a single block

let key: [u8; KEY_SIZE] = [0x11, 0x00, 0x33, 0x22, 0x55, 0x44, 0x77, 0x66, 0x99, 0x88, 0xbb,
                           0xaa, 0xdd, 0xcc, 0xff, 0xee];
let mut block: [u8; BLOCK_SIZE] = [0x23, 0x01, 0x67, 0x45, 0xab, 0x89, 0xef, 0xcd];
let ks = key_schedule_encrypt(&key); // key schedule - can be reused with multiple blocks
encrypt_block(&mut block, &ks);
// ...

decrypt_block() performs the inverse operation:

let ks = key_schedule_decrypt(&key); // key schedule - can be reused with multiple blocks
decrypt_block(&mut block, &ks);

Encryption of an arbitrary-sized buffer

This uses SPARX in counter mode as well as a 160-bit nonce in order to encrypt multiple blocks.

The internal counter size for this construction with SPARX-64/128 is 32 bits (no more than 32 GB should be encrypted with the same (key, nonce) tuple) and 48 bits with SPARX-128/128 (allowing up to 4 PB to be encrypted with the same (key, nonce) tuple).

The nonce is large enough to be randomly chosen; the probably of a collision to occur will be negligible.

Note that this construction does not add any authentication tags to the message.

let nonce: [u8; NONCE_SIZE] = [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18,
                               19, 20];
let key: [u8; KEY_SIZE] = [0x11, 0x00, 0x33, 0x22, 0x55, 0x44, 0x77, 0x66, 0x99, 0x88, 0xbb,
                           0xaa, 0xdd, 0xcc, 0xff, 0xee];
let input = b"The quick brown fox jumps over the lazy dog";
let mut buf = input.to_vec();
encrypt_ctr(&mut buf, &nonce, &key);
// ...
decrypt_ctr(&mut buf, &nonce, &key);

References

Dependencies

~120KB