Expand description
ISAP authenticated encryption with Keccak and Ascon permutations
This crate provides an implementation of the authenticated encryption scheme ISAP. As specified in ISAP version 2, implementations are provided for the Ascon and Keccak based instances.
Usage
Simple usage (allocating, no associated data):
use isap_aead::IsapAscon128; // Or `IsapAscon128A`, `IsapKeccak128`, `IsapKeccak128A`
use isap_aead::aead::{Aead, KeyInit};
let key = b"very secret key.";
let cipher = IsapAscon128::new(key.into());
let nonce = b"unique nonce 012"; // 128-bits; unique per message
let ciphertext = cipher.encrypt(nonce.into(), b"plaintext message".as_ref())
.expect("encryption failure!"); // NOTE: handle this error to avoid panics!
let plaintext = cipher.decrypt(nonce.into(), ciphertext.as_ref())
.expect("decryption failure!"); // NOTE: handle this error to avoid panics!
assert_eq!(&plaintext, b"plaintext message");
In-place Usage (eliminates alloc
requirement)
Similar to other crates implementing aead
interfaces, this crate also offers an optional
alloc
feature which can be disabled in e.g. microcontroller environments that don’t have a
heap. See aead::AeadInPlace
for more details.
use isap_aead::IsapAscon128; // Or `IsapAscon128A`, `IsapKeccak128`, `IsapKeccak128A`
use isap_aead::aead::{AeadInPlace, KeyInit};
use isap_aead::aead::heapless::Vec;
let key = b"very secret key.";
let cipher = IsapAscon128::new(key.into());
let nonce = b"unique nonce 012"; // 128-bits; unique per message
let mut buffer: Vec<u8, 128> = Vec::new(); // Buffer needs 16-bytes overhead for authentication tag
buffer.extend_from_slice(b"plaintext message");
// Encrypt `buffer` in-place, replacing the plaintext contents with ciphertext
cipher.encrypt_in_place(nonce.into(), b"", &mut buffer).expect("encryption failure!");
// `buffer` now contains the message ciphertext
assert_ne!(&buffer, b"plaintext message");
// Decrypt `buffer` in-place, replacing its ciphertext context with the original plaintext
cipher.decrypt_in_place(nonce.into(), b"", &mut buffer).expect("decryption failure!");
assert_eq!(&buffer, b"plaintext message");
Re-exports
pub use aead;
Structs
Error type.
ISAP-Ascon128
ISAP-Ascon128A
ISAP-Keccask128
ISAP-Keccak128A
Traits
Authenticated Encryption with Associated Data (AEAD) algorithm core trait.
In-place stateless AEAD trait.
Types which can be initialized from key.