|
ASCON Suite
|
ISAP authenticated encryption algorithm for ASCON. More...
#include <ascon/permutation.h>Go to the source code of this file.
Classes | |
| struct | ascon128a_isap_aead_key_t |
| Pre-computed key information for ISAP-A-128A. More... | |
| struct | ascon128_isap_aead_key_t |
| Pre-computed key information for ISAP-A-128. More... | |
| struct | ascon80pq_isap_aead_key_t |
| Pre-computed key information for ISAP-A-80PQ. More... | |
Macros | |
| #define | ASCON128_ISAP_KEY_SIZE 16 |
| Size of the key for all ISAP-A family members with 128-bit keys. More... | |
| #define | ASCON80PQ_ISAP_KEY_SIZE 20 |
| Size of the key for all ISAP-A family members with 160-bit keys. More... | |
| #define | ASCON_ISAP_TAG_SIZE 16 |
| Size of the authentication tag for all ISAP-A family members. More... | |
| #define | ASCON_ISAP_NONCE_SIZE 16 |
| Size of the nonce for all ISAP-A family members. More... | |
| #define | ASCON_ISAP_SAVED_KEY_SIZE 80 |
| Size of a pre-computed key in its save format. More... | |
Functions | |
| void | ascon128a_isap_aead_init (ascon128a_isap_aead_key_t *pk, const unsigned char *k) |
| Initializes a pre-computed key for ISAP-A-128A. More... | |
| void | ascon128a_isap_aead_load_key (ascon128a_isap_aead_key_t *pk, const unsigned char k[ASCON_ISAP_SAVED_KEY_SIZE]) |
| Initializes a pre-computed key for ISAP-A-128A from a previously-saved key value. More... | |
| void | ascon128a_isap_aead_save_key (ascon128a_isap_aead_key_t *pk, unsigned char k[ASCON_ISAP_SAVED_KEY_SIZE]) |
| Saves a previously pre-computed key for ISAP-A-128A to a buffer. More... | |
| void | ascon128a_isap_aead_free (ascon128a_isap_aead_key_t *pk) |
| Frees a pre-computed key for ISAP-A-128A. More... | |
| void | ascon128a_isap_aead_encrypt (unsigned char *c, size_t *clen, const unsigned char *m, size_t mlen, const unsigned char *ad, size_t adlen, const unsigned char *npub, const ascon128a_isap_aead_key_t *pk) |
| Encrypts and authenticates a packet with ISAP-A-128A and pre-computed keys. More... | |
| int | ascon128a_isap_aead_decrypt (unsigned char *m, size_t *mlen, const unsigned char *c, size_t clen, const unsigned char *ad, size_t adlen, const unsigned char *npub, const ascon128a_isap_aead_key_t *pk) |
| Decrypts and authenticates a packet with ISAP-A-128A and pre-computed keys. More... | |
| void | ascon128_isap_aead_init (ascon128_isap_aead_key_t *pk, const unsigned char *k) |
| Initializes a pre-computed key for ISAP-A-128. More... | |
| void | ascon128_isap_aead_load_key (ascon128_isap_aead_key_t *pk, const unsigned char k[ASCON_ISAP_SAVED_KEY_SIZE]) |
| Initializes a pre-computed key for ISAP-A-128 from a previously-saved key value. More... | |
| void | ascon128_isap_aead_save_key (ascon128_isap_aead_key_t *pk, unsigned char k[ASCON_ISAP_SAVED_KEY_SIZE]) |
| Saves a previously pre-computed key for ISAP-A-128 to a buffer. More... | |
| void | ascon128_isap_aead_free (ascon128_isap_aead_key_t *pk) |
| Frees a pre-computed key for ISAP-A-128. More... | |
| void | ascon128_isap_aead_encrypt (unsigned char *c, size_t *clen, const unsigned char *m, size_t mlen, const unsigned char *ad, size_t adlen, const unsigned char *npub, const ascon128_isap_aead_key_t *pk) |
| Encrypts and authenticates a packet with ISAP-A-128 and pre-computed keys. More... | |
| int | ascon128_isap_aead_decrypt (unsigned char *m, size_t *mlen, const unsigned char *c, size_t clen, const unsigned char *ad, size_t adlen, const unsigned char *npub, const ascon128_isap_aead_key_t *pk) |
| Decrypts and authenticates a packet with ISAP-A-128 and pre-computed keys. More... | |
| void | ascon80pq_isap_aead_init (ascon80pq_isap_aead_key_t *pk, const unsigned char *k) |
| Initializes a pre-computed key for ISAP-A-80PQ. More... | |
| void | ascon80pq_isap_aead_load_key (ascon80pq_isap_aead_key_t *pk, const unsigned char k[ASCON_ISAP_SAVED_KEY_SIZE]) |
| Initializes a pre-computed key for ISAP-A-80PQ from a previously-saved key value. More... | |
| void | ascon80pq_isap_aead_save_key (ascon80pq_isap_aead_key_t *pk, unsigned char k[ASCON_ISAP_SAVED_KEY_SIZE]) |
| Saves a previously pre-computed key for ISAP-A-80PQ to a buffer. More... | |
| void | ascon80pq_isap_aead_free (ascon80pq_isap_aead_key_t *pk) |
| Frees a pre-computed key for ISAP-A-80PQ. More... | |
| void | ascon80pq_isap_aead_encrypt (unsigned char *c, size_t *clen, const unsigned char *m, size_t mlen, const unsigned char *ad, size_t adlen, const unsigned char *npub, const ascon80pq_isap_aead_key_t *pk) |
| Encrypts and authenticates a packet with ISAP-A-80PQ and pre-computed keys. More... | |
| int | ascon80pq_isap_aead_decrypt (unsigned char *m, size_t *mlen, const unsigned char *c, size_t clen, const unsigned char *ad, size_t adlen, const unsigned char *npub, const ascon80pq_isap_aead_key_t *pk) |
| Decrypts and authenticates a packet with ISAP-A-80PQ and pre-computed keys. More... | |
ISAP authenticated encryption algorithm for ASCON.
ISAP is a family of authenticated encryption algorithms that were built around the Keccak-p[400] and ASCON permutations. This API implements the versions that were built around ASCON: ISAP-A-128 and ISAP-A-128A.
This API also provides ISAP-A-80PQ which is almost identical to ISAP-A-128, except that it uses a 160-bit key instead of the default 128-bit key.
ISAP is designed to provide some protection against adversaries using differential power analysis to determine the key. The downside is that key setup is very slow.
To alleviate slow key setup, the ascon128_isap_aead_init() and ascon128a_isap_aead_init() functions pre-compute the key setup so that the same pre-computed key can be reused on multiple packets.
If a device has a long-lived key, then the pre-computed key can be stored in ROM or flash memory using ascon128_isap_aead_save_key() or ascon128a_isap_aead_save_key(). The long-lived key is reloaded later using ascon128_isap_aead_load_key() or ascon128a_isap_aead_load_key(). This may avoid leakage when loading the key bits at runtime.
References: https://isap.iaik.tugraz.at/
Definition in file isap.h.
| #define ASCON128_ISAP_KEY_SIZE 16 |
| #define ASCON80PQ_ISAP_KEY_SIZE 20 |
| #define ASCON_ISAP_NONCE_SIZE 16 |
| #define ASCON_ISAP_SAVED_KEY_SIZE 80 |
| #define ASCON_ISAP_TAG_SIZE 16 |
| int ascon128_isap_aead_decrypt | ( | unsigned char * | m, |
| size_t * | mlen, | ||
| const unsigned char * | c, | ||
| size_t | clen, | ||
| const unsigned char * | ad, | ||
| size_t | adlen, | ||
| const unsigned char * | npub, | ||
| const ascon128_isap_aead_key_t * | pk | ||
| ) |
Decrypts and authenticates a packet with ISAP-A-128 and pre-computed keys.
| m | Buffer to receive the plaintext message on output. |
| mlen | Receives the length of the plaintext message on output. |
| c | Buffer that contains the ciphertext and authentication tag to decrypt. |
| clen | Length of the input data in bytes, which includes the ciphertext and the 16 byte authentication tag. |
| ad | Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted. |
| adlen | Length of the associated data in bytes. |
| npub | Points to the public nonce for the packet which must be 16 bytes in length. |
| pk | Points to the pre-computed key value. |
| void ascon128_isap_aead_encrypt | ( | unsigned char * | c, |
| size_t * | clen, | ||
| const unsigned char * | m, | ||
| size_t | mlen, | ||
| const unsigned char * | ad, | ||
| size_t | adlen, | ||
| const unsigned char * | npub, | ||
| const ascon128_isap_aead_key_t * | pk | ||
| ) |
Encrypts and authenticates a packet with ISAP-A-128 and pre-computed keys.
| c | Buffer to receive the output. |
| clen | On exit, set to the length of the output which includes the ciphertext and the 16 byte authentication tag. |
| m | Buffer that contains the plaintext message to encrypt. |
| mlen | Length of the plaintext message in bytes. |
| ad | Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted. |
| adlen | Length of the associated data in bytes. |
| npub | Points to the public nonce for the packet which must be 16 bytes in length. |
| pk | Points to the pre-computed key value. |
| void ascon128_isap_aead_free | ( | ascon128_isap_aead_key_t * | pk | ) |
Frees a pre-computed key for ISAP-A-128.
| pk | Points to the pre-computed key value. |
| void ascon128_isap_aead_init | ( | ascon128_isap_aead_key_t * | pk, |
| const unsigned char * | k | ||
| ) |
Initializes a pre-computed key for ISAP-A-128.
| pk | Points to the object to receive the pre-computed key value. |
| k | Points to the 16 bytes of the key. |
The ascon128_isap_aead_load_key() function can be used to initialize the pre-computed key from a value that was previously saved with ascon128_isap_aead_save_key().
| void ascon128_isap_aead_load_key | ( | ascon128_isap_aead_key_t * | pk, |
| const unsigned char | k[ASCON_ISAP_SAVED_KEY_SIZE] | ||
| ) |
Initializes a pre-computed key for ISAP-A-128 from a previously-saved key value.
| pk | Points to the object to receive the pre-computed key value. |
| k | Points to the bytes of the previously-saved key. |
| void ascon128_isap_aead_save_key | ( | ascon128_isap_aead_key_t * | pk, |
| unsigned char | k[ASCON_ISAP_SAVED_KEY_SIZE] | ||
| ) |
Saves a previously pre-computed key for ISAP-A-128 to a buffer.
| pk | Points to the object to receive the pre-computed key value. |
| k | Points to the buffer to save the pre-computed key in. |
| int ascon128a_isap_aead_decrypt | ( | unsigned char * | m, |
| size_t * | mlen, | ||
| const unsigned char * | c, | ||
| size_t | clen, | ||
| const unsigned char * | ad, | ||
| size_t | adlen, | ||
| const unsigned char * | npub, | ||
| const ascon128a_isap_aead_key_t * | pk | ||
| ) |
Decrypts and authenticates a packet with ISAP-A-128A and pre-computed keys.
| m | Buffer to receive the plaintext message on output. |
| mlen | Receives the length of the plaintext message on output. |
| c | Buffer that contains the ciphertext and authentication tag to decrypt. |
| clen | Length of the input data in bytes, which includes the ciphertext and the 16 byte authentication tag. |
| ad | Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted. |
| adlen | Length of the associated data in bytes. |
| npub | Points to the public nonce for the packet which must be 16 bytes in length. |
| pk | Points to the pre-computed key value. |
| void ascon128a_isap_aead_encrypt | ( | unsigned char * | c, |
| size_t * | clen, | ||
| const unsigned char * | m, | ||
| size_t | mlen, | ||
| const unsigned char * | ad, | ||
| size_t | adlen, | ||
| const unsigned char * | npub, | ||
| const ascon128a_isap_aead_key_t * | pk | ||
| ) |
Encrypts and authenticates a packet with ISAP-A-128A and pre-computed keys.
| c | Buffer to receive the output. |
| clen | On exit, set to the length of the output which includes the ciphertext and the 16 byte authentication tag. |
| m | Buffer that contains the plaintext message to encrypt. |
| mlen | Length of the plaintext message in bytes. |
| ad | Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted. |
| adlen | Length of the associated data in bytes. |
| npub | Points to the public nonce for the packet which must be 16 bytes in length. |
| pk | Points to the pre-computed key value. |
| void ascon128a_isap_aead_free | ( | ascon128a_isap_aead_key_t * | pk | ) |
Frees a pre-computed key for ISAP-A-128A.
| pk | Points to the pre-computed key value. |
| void ascon128a_isap_aead_init | ( | ascon128a_isap_aead_key_t * | pk, |
| const unsigned char * | k | ||
| ) |
Initializes a pre-computed key for ISAP-A-128A.
| pk | Points to the object to receive the pre-computed key value. |
| k | Points to the 16 bytes of the key. |
The ascon128a_isap_aead_load_key() function can be used to initialize the pre-computed key from a value that was previously saved with ascon128a_isap_aead_save_key().
| void ascon128a_isap_aead_load_key | ( | ascon128a_isap_aead_key_t * | pk, |
| const unsigned char | k[ASCON_ISAP_SAVED_KEY_SIZE] | ||
| ) |
Initializes a pre-computed key for ISAP-A-128A from a previously-saved key value.
| pk | Points to the object to receive the pre-computed key value. |
| k | Points to the bytes of the previously-saved key. |
| void ascon128a_isap_aead_save_key | ( | ascon128a_isap_aead_key_t * | pk, |
| unsigned char | k[ASCON_ISAP_SAVED_KEY_SIZE] | ||
| ) |
Saves a previously pre-computed key for ISAP-A-128A to a buffer.
| pk | Points to the object to receive the pre-computed key value. |
| k | Points to the buffer to save the pre-computed key in. |
| int ascon80pq_isap_aead_decrypt | ( | unsigned char * | m, |
| size_t * | mlen, | ||
| const unsigned char * | c, | ||
| size_t | clen, | ||
| const unsigned char * | ad, | ||
| size_t | adlen, | ||
| const unsigned char * | npub, | ||
| const ascon80pq_isap_aead_key_t * | pk | ||
| ) |
Decrypts and authenticates a packet with ISAP-A-80PQ and pre-computed keys.
| m | Buffer to receive the plaintext message on output. |
| mlen | Receives the length of the plaintext message on output. |
| c | Buffer that contains the ciphertext and authentication tag to decrypt. |
| clen | Length of the input data in bytes, which includes the ciphertext and the 16 byte authentication tag. |
| ad | Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted. |
| adlen | Length of the associated data in bytes. |
| npub | Points to the public nonce for the packet which must be 16 bytes in length. |
| pk | Points to the pre-computed key value. |
| void ascon80pq_isap_aead_encrypt | ( | unsigned char * | c, |
| size_t * | clen, | ||
| const unsigned char * | m, | ||
| size_t | mlen, | ||
| const unsigned char * | ad, | ||
| size_t | adlen, | ||
| const unsigned char * | npub, | ||
| const ascon80pq_isap_aead_key_t * | pk | ||
| ) |
Encrypts and authenticates a packet with ISAP-A-80PQ and pre-computed keys.
| c | Buffer to receive the output. |
| clen | On exit, set to the length of the output which includes the ciphertext and the 16 byte authentication tag. |
| m | Buffer that contains the plaintext message to encrypt. |
| mlen | Length of the plaintext message in bytes. |
| ad | Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted. |
| adlen | Length of the associated data in bytes. |
| npub | Points to the public nonce for the packet which must be 16 bytes in length. |
| pk | Points to the pre-computed key value. |
| void ascon80pq_isap_aead_free | ( | ascon80pq_isap_aead_key_t * | pk | ) |
Frees a pre-computed key for ISAP-A-80PQ.
| pk | Points to the pre-computed key value. |
| void ascon80pq_isap_aead_init | ( | ascon80pq_isap_aead_key_t * | pk, |
| const unsigned char * | k | ||
| ) |
Initializes a pre-computed key for ISAP-A-80PQ.
| pk | Points to the object to receive the pre-computed key value. |
| k | Points to the 20 bytes of the key. |
The ascon80pq_isap_aead_load_key() function can be used to initialize the pre-computed key from a value that was previously saved with ascon80pq_isap_aead_save_key().
| void ascon80pq_isap_aead_load_key | ( | ascon80pq_isap_aead_key_t * | pk, |
| const unsigned char | k[ASCON_ISAP_SAVED_KEY_SIZE] | ||
| ) |
Initializes a pre-computed key for ISAP-A-80PQ from a previously-saved key value.
| pk | Points to the object to receive the pre-computed key value. |
| k | Points to the bytes of the previously-saved key. |
| void ascon80pq_isap_aead_save_key | ( | ascon80pq_isap_aead_key_t * | pk, |
| unsigned char | k[ASCON_ISAP_SAVED_KEY_SIZE] | ||
| ) |
Saves a previously pre-computed key for ISAP-A-80PQ to a buffer.
| pk | Points to the object to receive the pre-computed key value. |
| k | Points to the buffer to save the pre-computed key in. |
1.9.1