1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48
/// The number of bits of security as compared to the AES cryptosystem. Check
/// <https://www.keylength.com/en/4/> for recommendations.
pub enum BitsOfSecurity {
/// Security that is equivalent to the security of the 2TDEA cryptosystem. This choice of
/// parameters is not secure and is only used for legacy.
AES80,
/// This level of security is expected to be safe until 2030.
AES112,
/// Security that is equivalent to that of 128 bits in the AES cryptosystem. This level of
/// security is expected to be safe until 2030 & beyond.
AES128,
/// Security that is equivalent to that of 192 bits in the AES cryptosystem. This level of
/// security is expected to be safe until 2030 & beyond.
AES192,
/// Security that is equivalent to that of 256 bits in the AES cryptosystem. This level of
/// security is expected to be safe until 2030 & beyond.
AES256,
/// Security that is equivalent to a number of bits `pk_bits` in accordance to the size of a
/// public key modulus. Note that any number lower than 1024 is considered extremely insecure.
Custom {
/// The number of bits in a public key (factoring) modulus.
pk_bits: u32,
},
/// Completely insecure parameters that are only useful for testing due to their speed.
ToyParameters,
}
impl BitsOfSecurity {
/// Returns the required modulus size for a given symmetric security level in the asymmetric
/// setting.
pub fn to_public_key_bit_length(&self) -> u32 {
match self {
Self::AES80 => 1024,
Self::AES112 => 2048,
Self::AES128 => 3072,
Self::AES192 => 7680,
Self::AES256 => 15360,
Self::Custom { pk_bits } => *pk_bits,
Self::ToyParameters => 256,
}
}
}
impl Default for BitsOfSecurity {
fn default() -> Self {
Self::AES128
}
}