Struct tink_daead::subtle::AesSiv

pub struct AesSiv { /* private fields */ }

AesSiv is an implementation of AES-SIV-CMAC as defined in RFC 5297.

AesSiv implements deterministic encryption with additional data (i.e. the DeterministicAead trait). Hence the implementation below is restricted to one AD component.

Security Note:

Chatterjee, Menezes and Sarkar analyze AES-SIV in Section 5.1 of "Another Look at Tightness". Their analysis shows that AES-SIV is susceptible to an attack in a multi-user setting. Concretely, if an attacker knows the encryption of a message m encrypted and authenticated with k different keys, then it is possible to find one of the MAC keys in time 2^b / k, where b is the size of the MAC key in bits. A consequence of this attack is that 128-bit MAC keys give insufficient security. Since 192-bit AES keys are not supported by tink for voodoo reasons, and RFC 5297 only supports same-size encryption and MAC keys, this implies that keys must be 64 bytes (2*256 bits) long.
Trait Implementations

impl DeterministicAead for AesSiv

fn encrypt_deterministically(
    &self,
    plaintext: &[u8],
    additional_data: &[u8]
) -> Result<Vec<u8>, TinkError>

Deterministically encrypt plaintext with additional_data as additional authenticated data. The resulting ciphertext allows for checking authenticity and integrity of the additional data additional_data, but there are no guarantees wrt. secrecy of that data.

fn decrypt_deterministically(
    &self,
    ciphertext: &[u8],
    additional_data: &[u8]
) -> Result<Vec<u8>, TinkError>

Deterministically decrypt ciphertext with additional_data as additional authenticated data. The decryption verifies the authenticity and integrity of the additional data, but there are no guarantees wrt. secrecy of that data.
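The RFC 5297 construction described in the struct documentation, and the encrypt/decrypt semantics of the two trait methods above, as an added worked example that is not the tink_daead crate's code: a pure-Python AES-SIV-CMAC restricted to a single AD component, built from the same pieces the page names (CMAC, S2V, AES-CTR, and the split of the key into a MAC half and an encryption half that is behind the 64-byte key requirement). AES itself is written out from FIPS 197 so the example needs only the standard library. The class name AesSiv, the constant AES_SIV_KEY_SIZE, the helper names and the acceptance of a 32-byte key (used only so the RFC 5297 Appendix A.1 test vector can be checked; tink itself accepts nothing but 64 bytes) are this example's own choices, not taken from the page. The AES here is a plain table lookup with no side-channel protection, which is one reason to use the crate rather than code like this.

```python
"""Pure-Python AES-SIV-CMAC (RFC 5297) with one AD component, mirroring tink's AesSiv.
Added illustration, not the tink_daead crate's code; the table-based AES has no side-channel protection."""
import hmac
MASK128 = (1 << 128) - 1
AES_SIV_KEY_SIZE = 64  # tink's requirement: two 32-byte AES-256 keys, K1 || K2 (constant name assumed)

def _xtime(b):  # multiply by x in GF(2^8) with the FIPS 197 reduction polynomial
    return ((b << 1) ^ 0x1B) & 0xFF if b & 0x80 else b << 1

def _build_sbox():  # walk GF(2^8)* with p *= 3 and q /= 3 (so q == p^-1), then apply the affine map
    sbox, p, q = [0] * 256, 1, 1
    rot = lambda v, n: ((v << n) | (v >> (8 - n))) & 0xFF
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF
        for sh in (1, 2, 4):
            q = (q ^ (q << sh)) & 0xFF
        q ^= 0x09 if q & 0x80 else 0
        sbox[p] = q ^ rot(q, 1) ^ rot(q, 2) ^ rot(q, 3) ^ rot(q, 4) ^ 0x63
        if p == 1: break
    return [0x63] + sbox[1:]  # 0 has no inverse; S-box(0) is just the affine constant

SBOX = _build_sbox()

def expand_key(key):  # FIPS 197 key schedule for 16/24/32-byte keys; returns the round keys
    nk, nr = len(key) // 4, len(key) // 4 + 6
    w, rcon = [list(key[4 * i:4 * i + 4]) for i in range(nk)], 1
    for i in range(nk, 4 * (nr + 1)):
        t = w[i - 1][:]
        if i % nk == 0:  # RotWord, SubWord, Rcon
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0], rcon = t[0] ^ rcon, _xtime(rcon)
        elif nk > 6 and i % nk == 4:  # extra SubWord in AES-256
            t = [SBOX[b] for b in t]
        w.append([a ^ b for a, b in zip(w[i - nk], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(nr + 1)]

def aes_encrypt_block(rk, block):  # one 16-byte block; state is column-major, index = row + 4 * col
    s = [b ^ k for b, k in zip(block, rk[0])]
    for r in range(1, len(rk)):
        s = [SBOX[b] for b in s]  # SubBytes
        s = [s[i % 4 + 4 * ((i // 4 + i % 4) % 4)] for i in range(16)]  # ShiftRows
        if r != len(rk) - 1:  # MixColumns, skipped in the final round
            for c in range(0, 16, 4):
                a, d = s[c:c + 4], [_xtime(x) for x in s[c:c + 4]]
                s[c:c + 4] = [d[0] ^ d[1] ^ a[1] ^ a[2] ^ a[3], a[0] ^ d[1] ^ d[2] ^ a[2] ^ a[3],
                              a[0] ^ a[1] ^ d[2] ^ d[3] ^ a[3], d[0] ^ a[0] ^ a[1] ^ a[2] ^ d[3]]
        s = [b ^ k for b, k in zip(s, rk[r])]  # AddRoundKey
    return bytes(s)

_xor = lambda a, b: bytes(x ^ y for x, y in zip(a, b))

def _dbl(block):  # dbl() of RFC 5297: shift left one bit, reduce by x^128 + x^7 + x^2 + x + 1
    n = int.from_bytes(block, "big") << 1
    return ((n ^ (0x87 if n >> 128 else 0)) & MASK128).to_bytes(16, "big")

def cmac(rk, msg):  # AES-CMAC (RFC 4493) under the expanded key rk
    k1 = _dbl(aes_encrypt_block(rk, bytes(16)))
    n = max(1, (len(msg) + 15) // 16)
    tail = msg[16 * (n - 1):]
    if msg and len(msg) % 16 == 0:
        last = _xor(tail, k1)  # complete final block
    else:
        last = _xor(tail + b"\x80" + bytes(15 - len(tail)), _dbl(k1))  # padded final block uses K2
    x = bytes(16)
    for i in range(n - 1):
        x = aes_encrypt_block(rk, _xor(x, msg[16 * i:16 * i + 16]))
    return aes_encrypt_block(rk, _xor(x, last))

def s2v(rk, additional_data, plaintext):  # RFC 5297 2.4 with exactly one AD component, as in tink
    d = _xor(_dbl(cmac(rk, bytes(16))), cmac(rk, additional_data))
    if len(plaintext) >= 16:  # xorend: fold D into the last 16 bytes
        t = plaintext[:-16] + _xor(plaintext[-16:], d)
    else:  # short plaintext: dbl(D) xor pad(plaintext)
        t = _xor(_dbl(d), plaintext + b"\x80" + bytes(15 - len(plaintext)))
    return cmac(rk, t)

def _ctr(rk, v, data):  # AES-CTR under K2; counter = V with bits 31 and 63 cleared (RFC 5297 2.5)
    q = bytearray(v); q[8] &= 0x7F; q[12] &= 0x7F
    n, out = int.from_bytes(q, "big"), b""
    for i in range(0, len(data), 16):
        out += _xor(data[i:i + 16], aes_encrypt_block(rk, ((n + i // 16) & MASK128).to_bytes(16, "big")))
    return out

class AesSiv:  # deterministic AEAD: key = K1 || K2, K1 keys S2V (CMAC), K2 keys AES-CTR
    def __init__(self, key):  # tink accepts only 64 bytes; 32 is allowed here only for the RFC 5297 A.1 vector
        if len(key) not in (32, AES_SIV_KEY_SIZE):
            raise ValueError("AES-SIV key must be %d bytes" % AES_SIV_KEY_SIZE)
        self._k1, self._k2 = expand_key(key[:len(key) // 2]), expand_key(key[len(key) // 2:])
    def encrypt_deterministically(self, plaintext, additional_data):
        v = s2v(self._k1, additional_data, plaintext)
        return v + _ctr(self._k2, v, plaintext)  # V || C; no nonce, so equal inputs give equal output
    def decrypt_deterministically(self, ciphertext, additional_data):
        if len(ciphertext) < 16: raise ValueError("ciphertext too short")
        v, plaintext = ciphertext[:16], _ctr(self._k2, ciphertext[:16], ciphertext[16:])
        if not hmac.compare_digest(s2v(self._k1, additional_data, plaintext), v):
            raise ValueError("authentication failed")  # wrong key, wrong AD or tampered ciphertext
        return plaintext
```

Because there is no nonce, calling encrypt_deterministically twice on the same (plaintext, additional_data) pair returns identical bytes; that is the property the DeterministicAead trait promises and also the leak a caller accepts, since equal plaintexts under one key are visible as equal ciphertexts. Decryption recomputes S2V over the recovered plaintext and compares it with the synthetic IV V in constant time, so a wrong key, a changed additional_data or a flipped ciphertext byte all fail identically, and the additional data is authenticated without ever being encrypted, exactly as the method documentation states. A 48-byte key (two AES-192 halves) is rejected, matching the key-size restriction in the security note.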
Auto Trait Implementations
impl !RefUnwindSafe for AesSiv
impl !Send for AesSiv
impl !Sync for AesSiv
impl Unpin for AesSiv
impl !UnwindSafe for AesSiv
Blanket Implementations

impl<T> BorrowMut<T> for T where T: ?Sized

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> DeterministicAeadBoxClone for T where T: 'static + DeterministicAead + Clone

fn box_clone(&self) -> Box<dyn DeterministicAead + 'static, Global>

impl<T> ToOwned for T where T: Clone

type Owned = T

The resulting type after obtaining ownership.

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning.