Crate isap_aead

Expand description

§ISAP

Pure Rust implementation of the lightweight Authenticated Encryption and Associated Data (AEAD) scheme ISAP. This crate implements version 2 of ISAP. By default, implementations with the Keccak (feature keccak) and Ascon (feature ascon) permutations are provided. For the documentation of all other features, please see the aead crate.

§Security Notes

This crate has received no security audit. Use at your own risk.

§License

This crate is licensed under the MIT license.

§Usage

Simple usage (allocating, no associated data):

use isap_aead::IsapAscon128; // Or `IsapAscon128A`, `IsapKeccak128`, `IsapKeccak128A`
use isap_aead::aead::{Aead, KeyInit};

let key = b"very secret key.";
let cipher = IsapAscon128::new(key.into());
let nonce = b"unique nonce 012"; // 128-bits; unique per message

let ciphertext = cipher.encrypt(nonce.into(), b"plaintext message".as_ref())
    .expect("encryption failure!"); // NOTE: handle this error to avoid panics!

let plaintext = cipher.decrypt(nonce.into(), ciphertext.as_ref())
    .expect("decryption failure!"); // NOTE: handle this error to avoid panics!

assert_eq!(&plaintext, b"plaintext message");

§In-place Usage (eliminates `alloc` requirement)

Similar to other crates implementing aead interfaces, this crate also offers an optional alloc feature which can be disabled in e.g. microcontroller environments that don’t have a heap. See aead::AeadInPlace for more details.

use isap_aead::IsapAscon128; // Or `IsapAscon128A`, `IsapKeccak128`, `IsapKeccak128A`
use isap_aead::aead::{AeadInPlace, KeyInit};
use isap_aead::aead::heapless::Vec;

let key = b"very secret key.";
let cipher = IsapAscon128::new(key.into());
let nonce = b"unique nonce 012"; // 128-bits; unique per message

let mut buffer: Vec<u8, 128> = Vec::new(); // Buffer needs 16-bytes overhead for authentication tag
buffer.extend_from_slice(b"plaintext message");

// Encrypt `buffer` in-place, replacing the plaintext contents with ciphertext
cipher.encrypt_in_place(nonce.into(), b"", &mut buffer).expect("encryption failure!");

// `buffer` now contains the message ciphertext
assert_ne!(&buffer, b"plaintext message");

// Decrypt `buffer` in-place, replacing its ciphertext context with the original plaintext
cipher.decrypt_in_place(nonce.into(), b"", &mut buffer).expect("decryption failure!");
assert_eq!(&buffer, b"plaintext message");

Similarly, enabling the arrayvec feature of this crate will provide an impl of aead::Buffer for arrayvec::ArrayVec.

Re-exports§

pub use aead;

Structs§

Error: Error type.
IsapAscon128ascon: ISAP-Ascon128
IsapAscon128Aascon: ISAP-Ascon128A
IsapKeccak128keccak: ISAP-Keccask128
IsapKeccak128Akeccak: ISAP-Keccak128A

Traits§

AeadCore: Authenticated Encryption with Associated Data (AEAD) algorithm core trait.
AeadInPlace: In-place stateless AEAD trait.
KeyInit: Types which can be initialized from key.

Type Aliases§

Key: Key used by KeySizeUser implementors.
Nonce: Nonce: single-use value for ensuring ciphertexts are unique
Result: Result type alias with Error.
Tag: Tag: authentication code which ensures ciphertexts are authentic

Crate isap_aeadCopy item path