|
Lightweight Cryptography Primitives
|
|
Lightweight Cryptography Primitives
|
Xoodyak authenticated encryption algorithm. More...
#include "aead-common.h"Go to the source code of this file.
Data Structures | |
| union | xoodyak_hash_state_t |
| State information for Xoodyak incremental hashing modes. More... | |
Macros | |
| #define | XOODYAK_KEY_SIZE 16 |
| Size of the key for Xoodyak. | |
| #define | XOODYAK_TAG_SIZE 16 |
| Size of the authentication tag for Xoodyak. | |
| #define | XOODYAK_NONCE_SIZE 16 |
| Size of the nonce for Xoodyak. | |
| #define | XOODYAK_HASH_SIZE 32 |
| Size of the hash output for Xoodyak. | |
Functions | |
| int | xoodyak_aead_encrypt (unsigned char *c, unsigned long long *clen, const unsigned char *m, unsigned long long mlen, const unsigned char *ad, unsigned long long adlen, const unsigned char *nsec, const unsigned char *npub, const unsigned char *k) |
| Encrypts and authenticates a packet with Xoodyak. More... | |
| int | xoodyak_aead_decrypt (unsigned char *m, unsigned long long *mlen, unsigned char *nsec, const unsigned char *c, unsigned long long clen, const unsigned char *ad, unsigned long long adlen, const unsigned char *npub, const unsigned char *k) |
| Decrypts and authenticates a packet with Xoodyak. More... | |
| int | xoodyak_hash (unsigned char *out, const unsigned char *in, unsigned long long inlen) |
| Hashes a block of input data with Xoodyak to generate a hash value. More... | |
| void | xoodyak_hash_init (xoodyak_hash_state_t *state) |
| Initializes the state for a Xoodyak hashing operation. More... | |
| void | xoodyak_hash_absorb (xoodyak_hash_state_t *state, const unsigned char *in, unsigned long long inlen) |
| Aborbs more input data into a Xoodyak hashing state. More... | |
| void | xoodyak_hash_squeeze (xoodyak_hash_state_t *state, unsigned char *out, unsigned long long outlen) |
| Squeezes output data from a Xoodyak hashing state. More... | |
| void | xoodyak_hash_finalize (xoodyak_hash_state_t *state, unsigned char *out) |
| Returns the final hash value from a Xoodyak hashing operation. More... | |
Variables | |
| aead_cipher_t const | xoodyak_cipher |
| Meta-information block for the Xoodyak cipher. | |
| aead_hash_algorithm_t const | xoodyak_hash_algorithm |
| Meta-information block for the Xoodyak hash algorithm. | |
Xoodyak authenticated encryption algorithm.
Xoodyak is an authenticated encryption and hash algorithm pair based around the 384-bit Xoodoo permutation that is similar in structure to Keccak but is more efficient than Keccak on 32-bit embedded devices. The Cyclist mode of operation is used to convert the permutation into a sponge for the higher-level algorithms.
The Xoodyak encryption mode has a 128-bit key, a 128-bit nonce, and a 128-bit authentication tag. The Xoodyak hashing mode has a 256-bit fixed hash output and can also be used as an extensible output function (XOF).
The Xoodyak specification describes a re-keying mechanism where the key for one packet is used to derive the key to use on the next packet. This provides some resistance against side channel attacks by making the session key a moving target. This library does not currently implement re-keying.
References: https://keccak.team/xoodyak.html
| int xoodyak_aead_decrypt | ( | unsigned char * | m, |
| unsigned long long * | mlen, | ||
| unsigned char * | nsec, | ||
| const unsigned char * | c, | ||
| unsigned long long | clen, | ||
| const unsigned char * | ad, | ||
| unsigned long long | adlen, | ||
| const unsigned char * | npub, | ||
| const unsigned char * | k | ||
| ) |
Decrypts and authenticates a packet with Xoodyak.
| m | Buffer to receive the plaintext message on output. |
| mlen | Receives the length of the plaintext message on output. |
| nsec | Secret nonce - not used by this algorithm. |
| c | Buffer that contains the ciphertext and authentication tag to decrypt. |
| clen | Length of the input data in bytes, which includes the ciphertext and the 16 byte authentication tag. |
| ad | Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted. |
| adlen | Length of the associated data in bytes. |
| npub | Points to the public nonce for the packet which must be 16 bytes in length. |
| k | Points to the 16 bytes of the key to use to decrypt the packet. |
| int xoodyak_aead_encrypt | ( | unsigned char * | c, |
| unsigned long long * | clen, | ||
| const unsigned char * | m, | ||
| unsigned long long | mlen, | ||
| const unsigned char * | ad, | ||
| unsigned long long | adlen, | ||
| const unsigned char * | nsec, | ||
| const unsigned char * | npub, | ||
| const unsigned char * | k | ||
| ) |
Encrypts and authenticates a packet with Xoodyak.
| c | Buffer to receive the output. |
| clen | On exit, set to the length of the output which includes the ciphertext and the 16 byte authentication tag. |
| m | Buffer that contains the plaintext message to encrypt. |
| mlen | Length of the plaintext message in bytes. |
| ad | Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted. |
| adlen | Length of the associated data in bytes. |
| nsec | Secret nonce - not used by this algorithm. |
| npub | Points to the public nonce for the packet which must be 16 bytes in length. |
| k | Points to the 16 bytes of the key to use to encrypt the packet. |
| int xoodyak_hash | ( | unsigned char * | out, |
| const unsigned char * | in, | ||
| unsigned long long | inlen | ||
| ) |
Hashes a block of input data with Xoodyak to generate a hash value.
| out | Buffer to receive the hash output which must be at least XOODYAK_HASH_SIZE bytes in length. |
| in | Points to the input data to be hashed. |
| inlen | Length of the input data in bytes. |
| void xoodyak_hash_absorb | ( | xoodyak_hash_state_t * | state, |
| const unsigned char * | in, | ||
| unsigned long long | inlen | ||
| ) |
Aborbs more input data into a Xoodyak hashing state.
| state | Hash state to be updated. |
| in | Points to the input data to be absorbed into the state. |
| inlen | Length of the input data to be absorbed into the state. |
| void xoodyak_hash_finalize | ( | xoodyak_hash_state_t * | state, |
| unsigned char * | out | ||
| ) |
Returns the final hash value from a Xoodyak hashing operation.
| state | Hash state to be finalized. |
| out | Points to the output buffer to receive the hash value. |
| void xoodyak_hash_init | ( | xoodyak_hash_state_t * | state | ) |
Initializes the state for a Xoodyak hashing operation.
| state | Hash state to be initialized. |
| void xoodyak_hash_squeeze | ( | xoodyak_hash_state_t * | state, |
| unsigned char * | out, | ||
| unsigned long long | outlen | ||
| ) |
Squeezes output data from a Xoodyak hashing state.
| state | Hash state to squeeze the output data from. |
| out | Points to the output buffer to receive the squeezed data. |
| outlen | Number of bytes of data to squeeze out of the state. |
1.8.6