SIV encryption primitives built around the ASCON permutation. More...

#include <stddef.h>

Functions
void	ascon128_siv_encrypt (unsigned char c, size_t clen, const unsigned char m, size_t mlen, const unsigned char ad, size_t adlen, const unsigned char npub, const unsigned char k)
	Encrypts and authenticates a packet with ASCON-128-SIV. More...

int	ascon128_siv_decrypt (unsigned char m, size_t mlen, const unsigned char c, size_t clen, const unsigned char ad, size_t adlen, const unsigned char npub, const unsigned char k)
	Decrypts and authenticates a packet with ASCON-128-SIV. More...

void	ascon128a_siv_encrypt (unsigned char c, size_t clen, const unsigned char m, size_t mlen, const unsigned char ad, size_t adlen, const unsigned char npub, const unsigned char k)
	Encrypts and authenticates a packet with ASCON-128a-SIV. More...

int	ascon128a_siv_decrypt (unsigned char m, size_t mlen, const unsigned char c, size_t clen, const unsigned char ad, size_t adlen, const unsigned char npub, const unsigned char k)
	Decrypts and authenticates a packet with ASCON-128a-SIV. More...

void	ascon80pq_siv_encrypt (unsigned char c, size_t clen, const unsigned char m, size_t mlen, const unsigned char ad, size_t adlen, const unsigned char npub, const unsigned char k)
	Encrypts and authenticates a packet with ASCON-80pq-SIV. More...

int	ascon80pq_siv_decrypt (unsigned char m, size_t mlen, const unsigned char c, size_t clen, const unsigned char ad, size_t adlen, const unsigned char npub, const unsigned char k)
	Decrypts and authenticates a packet with ASCON-80pq-SIV. More...

Detailed Description

SIV encryption primitives built around the ASCON permutation.

This API provides support for SIV mode (Synthetic Initialization Vector). SIV mode authenticates the associated data and the plaintext before encrypting the plaintext.

The SIV construction makes the result resistant against reuse of the nonce as long as the combination of the associated data and plaintext is unique. If the combination is not unique, then the algorithm leaks that the same plaintext has been encrypted again but does not reveal the plaintext itself.

SIV mode can be useful when encrypting data in memory, such as encrypting a key pair for storage in non-volatile memory. The nonce or the associated data is set to the address in memory of the encrypted data, so that encrypting the same data in different locations will give different results.

SIV mode increases the size of the data by 16 bytes, which provides the authentication tag. This tag must not be discarded because the data cannot be successfully decrypted without it.

References: https://ascon.iaik.tugraz.at/

Definition in file siv.h.

Function Documentation

◆ ascon128_siv_decrypt()

int ascon128_siv_decrypt	(	unsigned char *	m,
		size_t *	mlen,
		const unsigned char *	c,
		size_t	clen,
		const unsigned char *	ad,
		size_t	adlen,
		const unsigned char *	npub,
		const unsigned char *	k
	)

Decrypts and authenticates a packet with ASCON-128-SIV.

Parameters

m	Buffer to receive the plaintext message on output.
mlen	Receives the length of the plaintext message on output.
c	Buffer that contains the ciphertext and authentication tag to decrypt.
clen	Length of the input data in bytes, which includes the ciphertext and the 16 byte authentication tag.
ad	Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlen	Length of the associated data in bytes.
npub	Points to the public nonce for the packet which must be 16 bytes in length.
k	Points to the 16 bytes of the key to use to decrypt the packet.

Returns: 0 on success, -1 if the authentication tag was incorrect, or some other negative number if there was an error in the parameters.

See also: ascon128_siv_encrypt()

Definition at line 132 of file ascon-siv-128.c.

◆ ascon128_siv_encrypt()

void ascon128_siv_encrypt	(	unsigned char *	c,
		size_t *	clen,
		const unsigned char *	m,
		size_t	mlen,
		const unsigned char *	ad,
		size_t	adlen,
		const unsigned char *	npub,
		const unsigned char *	k
	)

Encrypts and authenticates a packet with ASCON-128-SIV.

Parameters

c	Buffer to receive the output.
clen	On exit, set to the length of the output which includes the ciphertext and the 16 byte authentication tag.
m	Buffer that contains the plaintext message to encrypt.
mlen	Length of the plaintext message in bytes.
ad	Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlen	Length of the associated data in bytes.
npub	Points to the public nonce for the packet which must be 16 bytes in length.
k	Points to the 16 bytes of the key to use to encrypt the packet.

See also: ascon128_siv_decrypt()

Definition at line 92 of file ascon-siv-128.c.

◆ ascon128a_siv_decrypt()

int ascon128a_siv_decrypt	(	unsigned char *	m,
		size_t *	mlen,
		const unsigned char *	c,
		size_t	clen,
		const unsigned char *	ad,
		size_t	adlen,
		const unsigned char *	npub,
		const unsigned char *	k
	)

Decrypts and authenticates a packet with ASCON-128a-SIV.

Parameters

m	Buffer to receive the plaintext message on output.
mlen	Receives the length of the plaintext message on output.
c	Buffer that contains the ciphertext and authentication tag to decrypt.
clen	Length of the input data in bytes, which includes the ciphertext and the 16 byte authentication tag.
ad	Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlen	Length of the associated data in bytes.
npub	Points to the public nonce for the packet which must be 16 bytes in length.
k	Points to the 16 bytes of the key to use to decrypt the packet.

Returns: 0 on success, -1 if the authentication tag was incorrect, or some other negative number if there was an error in the parameters.

See also: ascon128a_siv_encrypt()

Definition at line 132 of file ascon-siv-128a.c.

◆ ascon128a_siv_encrypt()

void ascon128a_siv_encrypt	(	unsigned char *	c,
		size_t *	clen,
		const unsigned char *	m,
		size_t	mlen,
		const unsigned char *	ad,
		size_t	adlen,
		const unsigned char *	npub,
		const unsigned char *	k
	)

Encrypts and authenticates a packet with ASCON-128a-SIV.

Parameters

c	Buffer to receive the output.
clen	On exit, set to the length of the output which includes the ciphertext and the 16 byte authentication tag.
m	Buffer that contains the plaintext message to encrypt.
mlen	Length of the plaintext message in bytes.
ad	Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlen	Length of the associated data in bytes.
npub	Points to the public nonce for the packet which must be 16 bytes in length.
k	Points to the 16 bytes of the key to use to encrypt the packet.

See also: ascon128a_siv_decrypt()

Definition at line 92 of file ascon-siv-128a.c.

◆ ascon80pq_siv_decrypt()

int ascon80pq_siv_decrypt	(	unsigned char *	m,
		size_t *	mlen,
		const unsigned char *	c,
		size_t	clen,
		const unsigned char *	ad,
		size_t	adlen,
		const unsigned char *	npub,
		const unsigned char *	k
	)

Decrypts and authenticates a packet with ASCON-80pq-SIV.

Parameters

m	Buffer to receive the plaintext message on output.
mlen	Receives the length of the plaintext message on output.
c	Buffer that contains the ciphertext and authentication tag to decrypt.
clen	Length of the input data in bytes, which includes the ciphertext and the 16 byte authentication tag.
ad	Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlen	Length of the associated data in bytes.
npub	Points to the public nonce for the packet which must be 16 bytes in length.
k	Points to the 20 bytes of the key to use to decrypt the packet.

Returns: 0 on success, -1 if the authentication tag was incorrect, or some other negative number if there was an error in the parameters.

See also: ascon80pq_siv_encrypt()

Examples: asconcrypt/asconcrypt.c.

Definition at line 130 of file ascon-siv-80pq.c.

◆ ascon80pq_siv_encrypt()

void ascon80pq_siv_encrypt	(	unsigned char *	c,
		size_t *	clen,
		const unsigned char *	m,
		size_t	mlen,
		const unsigned char *	ad,
		size_t	adlen,
		const unsigned char *	npub,
		const unsigned char *	k
	)

Encrypts and authenticates a packet with ASCON-80pq-SIV.

Parameters

c	Buffer to receive the output.
clen	On exit, set to the length of the output which includes the ciphertext and the 16 byte authentication tag.
m	Buffer that contains the plaintext message to encrypt.
mlen	Length of the plaintext message in bytes.
ad	Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlen	Length of the associated data in bytes.
npub	Points to the public nonce for the packet which must be 16 bytes in length.
k	Points to the 20 bytes of the key to use to encrypt the packet.

See also: ascon80pq_siv_decrypt()

Examples: asconcrypt/asconcrypt.c.

Definition at line 90 of file ascon-siv-80pq.c.

Functions

Detailed Description

Function Documentation

◆ ascon128_siv_decrypt()

◆ ascon128_siv_encrypt()

◆ ascon128a_siv_decrypt()

◆ ascon128a_siv_encrypt()

◆ ascon80pq_siv_decrypt()

◆ ascon80pq_siv_encrypt()