Expand description
Aead encryption algorithms with Authenticated Encryption with Associated Data (AEAD).
带关联数据认证加密 (AEAD) 的对称加密算法。
§Overview | 概述
This module provides aead encryption algorithms that combine confidentiality and authenticity in a single operation. All algorithms implement AEAD (Authenticated Encryption with Associated Data), providing both encryption and authentication.
此模块提供在单个操作中结合机密性和真实性的对称加密算法。 所有算法都实现 AEAD(带关联数据的认证加密),提供加密和认证。
§Supported Algorithms | 支持的算法
§AES-GCM (Advanced Encryption Standard - Galois/Counter Mode)
- AES-128-GCM: 128-bit key, high performance, widely supported
- AES-256-GCM: 256-bit key, maximum security, future-proof
§ChaCha20-Poly1305
- ChaCha20-Poly1305: 256-bit key, software-optimized, constant-time
- XChaCha20-Poly1305: Extended nonce variant, 192-bit nonce
§Performance Comparison | 性能对比
| Algorithm | Key Size | Nonce Size | Performance | Hardware Support |
|---|---|---|---|---|
| AES-128-GCM | 128-bit | 96-bit | Very High* | AES-NI |
| AES-256-GCM | 256-bit | 96-bit | Very High* | AES-NI |
| ChaCha20-Poly1305 | 256-bit | 96-bit | High | Software |
| XChaCha20-Poly1305 | 256-bit | 192-bit | High | Software |
*With hardware acceleration
§Security Considerations | 安全考虑
-
Nonce Reuse: Never reuse nonces with the same key
-
Key Management: Use cryptographically secure random keys
-
Associated Data: Use for context binding when available
-
Implementation: All algorithms are constant-time and side-channel resistant
-
Nonce 重用: 永远不要在同一密钥下重用 nonce
-
密钥管理: 使用密码学安全的随机密钥
-
关联数据: 可用时用于上下文绑定
-
实现: 所有算法都是常数时间且抗侧信道的
Structs§
- Aead
Algorithm Builder - Builder for constructing aead algorithm instances.
Enums§
- Aead
Algorithm - Aead encryption algorithm enumeration.
- AesKey
Size - AES key size variants.