Crate aez


AEZv5.

AEZ is an authenticated-encryption (AE) scheme optimized for ease of correct use (“AE made EZ”). It was invented by Viet Tung Hoang, Ted Krovetz, and Phillip Rogaway. The algorithm encrypts a plaintext by appending to it a fixed authentication block (some zero bits) and then enciphering the resulting string with an arbitrary-input-length blockcipher, which is tweaked by the nonce, the associated data (AD), and the authenticator length. The approach results in strong security and usability properties, including nonce-reuse misuse resistance, automatic exploitation of decryption-verified redundancy, and arbitrary, user-selectable length expansion. AEZ is parallelizable and its computational cost is roughly that of OCB. On recent Intel processors, AEZ runs at about 0.7 cycles per byte (cpb).
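The sketch below is an added example, not code from this crate or from the AEZ authors. It shows the construction described above: append zero bytes, encipher the whole string with a tweakable arbitrary-length cipher, and on decryption accept only if the zeros reappear. The `round_fn` and `wide_block` helpers are hypothetical stand-ins built on std's `DefaultHasher`; they are not AEZ's AES-based enciphering and are not secure.

```rust
use std::collections::hash_map::DefaultHasher;
use std::hash::{Hash, Hasher};

const TAU: usize = 16; // authenticator length: zero bytes appended before enciphering
const ROUNDS: u8 = 4;
type Tweak<'a> = (&'a [u8], &'a [u8], usize); // (nonce, AD, authenticator length)

// Toy round function (assumption for illustration): NOT a secure PRF, not AEZ's.
fn round_fn(key: &[u8], tweak: Tweak<'_>, round: u8, input: &[u8], out_len: usize) -> Vec<u8> {
    (0..out_len).map(|i| {
        let mut h = DefaultHasher::new();
        (key, tweak, round, input, i).hash(&mut h);
        h.finish() as u8
    }).collect()
}

// Unbalanced Feistel over the whole buffer, standing in for the wide-block cipher.
// Each round is an XOR, so running the rounds in reverse order inverts it.
fn wide_block(key: &[u8], tweak: Tweak<'_>, buf: &mut [u8], rounds: impl Iterator<Item = u8>) {
    let (l, r) = buf.split_at_mut(buf.len() / 2);
    for i in rounds {
        let (src, dst) = if i % 2 == 0 { (&*r, &mut *l) } else { (&*l, &mut *r) };
        let ks = round_fn(key, tweak, i, src, dst.len());
        dst.iter_mut().zip(ks).for_each(|(d, k)| *d ^= k);
    }
}

fn encrypt(key: &[u8], nonce: &[u8], ad: &[u8], pt: &[u8]) -> Vec<u8> {
    let mut buf = pt.to_vec();
    buf.resize(pt.len() + TAU, 0); // encode: plaintext || 0^tau
    wide_block(key, (nonce, ad, TAU), &mut buf, 0..ROUNDS); // then encipher
    buf
}

fn decrypt(key: &[u8], nonce: &[u8], ad: &[u8], ct: &[u8]) -> Option<Vec<u8>> {
    if ct.len() < TAU { return None; }
    let mut buf = ct.to_vec();
    wide_block(key, (nonce, ad, TAU), &mut buf, (0..ROUNDS).rev());
    let split = buf.len() - TAU;
    // Authentic only if the deciphered authenticator block is all zero.
    if buf[split..].iter().fold(0u8, |acc, &b| acc | b) != 0 { return None; }
    buf.truncate(split);
    Some(buf)
}

fn main() {
    let ct = encrypt(b"demo key", &[0], b"", b"Hello world!"); // constructed sample input
    assert_eq!(decrypt(b"demo key", &[0], b"", &ct).as_deref(), Some(&b"Hello world!"[..]));
}
```

Because every ciphertext byte depends on every plaintext byte, two messages encrypted under the same nonce differ throughout rather than only where the plaintexts differ, which is the intuition behind the nonce-reuse resistance mentioned above.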

The C implementation is compiled assuming AES-NI support. There is no software fallback implemented in this crate.

```rust
use aez::Aez;

// The secret key may be any byte slice. 48 bytes are recommended.
// Placeholder key for illustration; use a randomly generated secret in practice.
let secret_key = [0u8; 48];
let cipher = Aez::new(&secret_key);

// Expand the ciphertext by 16 bytes for authentication.
let mut pt = b"Hello world!".to_vec();
let mut ct = vec![0u8; pt.len() + 16];

// Encrypt the message with a nonce, and optionally additional data.
cipher.encrypt(&[0], None, &pt, &mut ct);

// Decrypt and validate the ciphertext.
cipher.decrypt(&[0], None, &ct, &mut pt).expect("invalid ciphertext");

// Message decrypted!
assert_eq!(pt, b"Hello world!");
```

Structs