leona 0.1.0

LIONESS cipher construction

Coverage
100%
10 out of 10 items documented2 out of 9 items with examples
Size
Source code size: 43.29 kB This is the summed size of all the files inside the crates.io package for this release.
Documentation size: 2.57 MB This is the summed size of all files generated by rustdoc for all configured targets
Ø build duration
this release: 2m 17s Average build duration of successful builds.
all releases: 2m 17s Average build duration of successful builds in releases after 2024-10-23.
Links
Repository
crates.io
Dependencies
Versions
- 0.1.0 (2026-04-28)
Owners

leona

Implementation of LIONESS in Rust. Works with no_std and generic over hashes/ciphers.

☣️ Cryptographic hazmat ☣️

This crate is not battle tested and not audited. It exists as a learning exercise. Use it at your own risk.

LIONESS

LIONESS is a wide block cipher, constructed using a hash algorithm and a stream cipher. From the paper:

Each ciphertext bit depends on all the plaintext bits in a very complex way, which contributes to the cryptographic strength.

Example use

You need a hash algorithm and a compatible stream cipher (compatible means that the hash output has the same size as the stream cipher key):

use leona::{Lioness, ZeroIv};
use blake2::Blake2sMac256;
use chacha20::ChaCha20;

type Cipher = Lioness<ZeroIv<ChaCha20>, Blake2sMac256>;

let mut data = [0u8; 64];
data[..11].copy_from_slice(b"hello world");

let cipher = Cipher::new_dynamic(b"secret");
cipher.encrypt(&mut data);
assert_ne!(&data[..11], b"hello world");
cipher.decrypt(&mut data);
assert_eq!(&data[..11], b"hello world");

Alternatives

There are two drawbacks to LIONESS:

It is slow.
It cannot encrypt short messages (shorther than the hash output size).

If you require a wide block cipher, consider using a different construction (like aez via aez or zears).

License

This crate is licensed under the terms of the MIT license. You can find the full license text in LICENSE.