Crate ascon_aead

source · []
Expand description

Authenticated Encryption and Associated Data (AEAD) with Ascon

Security Notes

This crate has received no security audit. Use at your own risk.

Usage

Simple usage (allocating, no associated data):

use ascon_aead::{Ascon128, Key, Nonce}; // Or `Ascon128a`
use ascon_aead::aead::{Aead, NewAead};

let key = Key::<Ascon128>::from_slice(b"very secret key.");
let cipher = Ascon128::new(key);

let nonce = Nonce::<Ascon128>::from_slice(b"unique nonce 012"); // 128-bits; unique per message

let ciphertext = cipher.encrypt(nonce, b"plaintext message".as_ref())
    .expect("encryption failure!"); // NOTE: handle this error to avoid panics!

let plaintext = cipher.decrypt(nonce, ciphertext.as_ref())
    .expect("decryption failure!"); // NOTE: handle this error to avoid panics!

assert_eq!(&plaintext, b"plaintext message");

In-place Usage (eliminates alloc requirement)

Similar to other crates implementing aead interfaces, this crate also offers an optional alloc feature which can be disabled in e.g. microcontroller environments that don’t have a heap. See aead::AeadInPlace for more details.

use ascon_aead::{Ascon128, Key, Nonce}; // Or `Ascon128a`
use ascon_aead::aead::{AeadInPlace, NewAead};
use ascon_aead::aead::heapless::Vec;

let key = Key::<Ascon128>::from_slice(b"very secret key.");
let cipher = Ascon128::new(key);

let nonce = Nonce::<Ascon128>::from_slice(b"unique nonce 012"); // 128-bits; unique per message

let mut buffer: Vec<u8, 128> = Vec::new(); // Buffer needs 16-bytes overhead for authentication tag
buffer.extend_from_slice(b"plaintext message");

// Encrypt `buffer` in-place, replacing the plaintext contents with ciphertext
cipher.encrypt_in_place(nonce, b"", &mut buffer).expect("encryption failure!");

// `buffer` now contains the message ciphertext
assert_ne!(&buffer, b"plaintext message");

// Decrypt `buffer` in-place, replacing its ciphertext context with the original plaintext
cipher.decrypt_in_place(nonce, b"", &mut buffer).expect("decryption failure!");
assert_eq!(&buffer, b"plaintext message");

Re-exports

pub use aead;

Structs

Ascon80pq

Ascon-80pq

Ascon128

Ascon-128

Ascon128a

Ascon-128a

Error

Error type.

Traits

AeadCore

Authenticated Encryption with Associated Data (AEAD) algorithm core trait.

AeadInPlace

In-place stateless AEAD trait.

NewAead

Instantiate either a stateless Aead or stateful AeadMut algorithm.

Type Definitions

Ascon80pqKey

Key for Ascon-80pq

Ascon80pqNonce

Nonce for Ascon-80pq

Ascon80pqTag

Tag for Ascon-80pq

Ascon128Key

Key for Ascon-128

Ascon128Nonce

Nonce for Ascon-128

Ascon128Tag

Tag for Ascon-128

Ascon128aKey

Key for Ascon-128a

Ascon128aNonce

Nonce for Ascon-128a

Ascon128aTag

Tag for Ascon-128a

Key

Key for a NewAead algorithm

Nonce

Nonce: single-use value for ensuring ciphertexts are unique

Tag

Tag: authentication code which ensures ciphertexts are authentic