elara-crypto 0.2.0

ELARA Protocol - Cryptographic engine with identity binding, multi-ratchet encryption, and post-quantum ready security
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71

# elara-crypto

Cryptographic engine for the ELARA Protocol - providing identity binding, multi-ratchet encryption, and post-quantum ready security.

## Features

- **Identity Binding**: Cryptographic proof of identity with Ed25519 signatures
- **Multi-Ratchet Encryption**: Forward secrecy with ChaCha20-Poly1305 AEAD
- **Post-Quantum Ready**: Designed for future cryptographic upgrades
- **Session Security**: Secure frame processing with replay protection
- **Performance Optimized**: Efficient key derivation and encryption

## Quick Start

```rust
use elara_crypto::{Identity, SecureFrame};
use elara_core::NodeId;

// Generate a new identity
let identity = Identity::generate();
let node_id = identity.node_id();

// Create a secure frame
let frame = SecureFrame::new(
    node_id,
    session_id,
    payload,
    PacketClass::Core
)?;

// Process incoming frames
let processed = frame_processor.process_frame(frame)?;
```

## Cryptographic Primitives

- **Signing**: Ed25519 for identity and message authentication
- **Encryption**: ChaCha20-Poly1305 for authenticated encryption
- **Key Exchange**: X25519 for ECDH key agreement
- **Key Derivation**: HKDF-SHA256 for secure key derivation
- **Hashing**: SHA256 for integrity and identification

## Security Features

### Multi-Ratchet System
```
K_session_root
├── K_core (strongest protection, never dropped)
├── K_perceptual (fast ratchet, loss tolerant)
├── K_enhancement (standard protection)
└── K_cosmetic (light protection, free to drop)
```

### Replay Protection
- Sliding window for sequence number validation
- Automatic window advancement
- Out-of-order packet handling
- Wraparound protection

## License

Licensed under either of:

- Apache License, Version 2.0 ([LICENSE-APACHE](LICENSE-APACHE) or http://www.apache.org/licenses/LICENSE-2.0)
- MIT license ([LICENSE-MIT](LICENSE-MIT) or http://opensource.org/licenses/MIT)

at your option.

## Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.