#crypto #strobe #protocol #framework #no-std

no-std strobe-rs

An implementation of the Strobe protocol framework in pure Rust

20 releases

0.8.1 Oct 10, 2022
0.7.1 Feb 13, 2022
0.7.0 Dec 29, 2021
0.6.2 Nov 11, 2020
0.3.4 Jul 7, 2018

#296 in Cryptography

Download history 6722/week @ 2023-08-03 10097/week @ 2023-08-10 2129/week @ 2023-08-17 1254/week @ 2023-08-24 664/week @ 2023-08-31 680/week @ 2023-09-07 1058/week @ 2023-09-14 801/week @ 2023-09-21 895/week @ 2023-09-28 814/week @ 2023-10-05 1619/week @ 2023-10-12 1579/week @ 2023-10-19 1308/week @ 2023-10-26 1737/week @ 2023-11-02 1249/week @ 2023-11-09 1317/week @ 2023-11-16

5,710 downloads per month
Used in 23 crates (14 directly)


916 lines


CI Coverage Version Docs

This is a relatively barebones, no_std implementation of the Strobe protocol framework in pure Rust. It is intended to be used as a library to build other protocols and frameworks. This implementation currently only supports Keccak-f[1600] as the internal permutation function, which is the largest possible block size, so big deal.


A simple program that encrypts and decrypts a message:

use strobe_rs::{SecParam, Strobe};

fn main() {
    let mut rx = Strobe::new(b"correctnesstest", SecParam::B256);
    let mut tx = Strobe::new(b"correctnesstest", SecParam::B256);

    rx.key(b"the-combination-on-my-luggage", false);
    tx.key(b"the-combination-on-my-luggage", false);

    let mut msg = b"Attack at dawn".to_vec();
    rx.send_enc(msg.as_mut_slice(), false);

    // Rename for clarity. `msg` has been encrypted in-place.
    let mut ciphertext = msg;

    tx.recv_enc(ciphertext.as_mut_slice(), false);

    // And back again.
    let round_trip_msg = ciphertext;

    assert_eq!(&round_trip_msg, b"Attack at dawn");


Default features flags: [none]

Feature flag list:

  • std - Implements std::error::Error for AuthError.
  • serialize_secret_state - Implements serde's Serialize and Deserialize traits for the Strobe struct. SECURITY NOTE: Serializing Strobe state outputs security sensitive data that MUST be kept private. Treat the data as you would a private encryption/decryption key.

For info on how to omit or include feature flags, see the cargo docs on features.


The current minimum supported Rust version (MSRV) is 1.51.0 (2021-03-25).


To run tests, execute

cargo test --all-features

This includes known-answer tests, which test against JSON-encoded test vectors in the kat/ directory. To verify these test vectors against the reference Python implementation, cd into kat/, run python2 verify_test_vector.py and follow the included instructions.


To benchmark, run

cargo bench

This will produce a summary with plots in target/crieteron/report/index.html. These won't be very interesting, since almost every function in STROBE has the same runtime.


  • Contribute an asm impelmentation of Keccak-f[1600] to tiny-keccak and expose a feature flag that lets strobe-rs users choose which implementation they prefer.


Licensed under either of

at your option.


This code has not been audited in any sense of the word. Use at your own discretion.


~24K SLoC