Lightweight Cryptography Primitives
 All Data Structures Files Functions Variables Typedefs Macros Pages
Functions
ascon-siv.h File Reference

SIV encryption primitives built around the ASCON permutation. More...

#include "ascon-aead.h"

Go to the source code of this file.

Functions

int ascon128_siv_encrypt (unsigned char *c, size_t *clen, const unsigned char *m, size_t mlen, const unsigned char *ad, size_t adlen, const unsigned char *npub, const unsigned char *k)
 Encrypts and authenticates a packet with ASCON-128-SIV. More...
 
int ascon128_siv_decrypt (unsigned char *m, size_t *mlen, const unsigned char *c, size_t clen, const unsigned char *ad, size_t adlen, const unsigned char *npub, const unsigned char *k)
 Decrypts and authenticates a packet with ASCON-128-SIV. More...
 
int ascon128a_siv_encrypt (unsigned char *c, size_t *clen, const unsigned char *m, size_t mlen, const unsigned char *ad, size_t adlen, const unsigned char *npub, const unsigned char *k)
 Encrypts and authenticates a packet with ASCON-128a-SIV. More...
 
int ascon128a_siv_decrypt (unsigned char *m, size_t *mlen, const unsigned char *c, size_t clen, const unsigned char *ad, size_t adlen, const unsigned char *npub, const unsigned char *k)
 Decrypts and authenticates a packet with ASCON-128a-SIV. More...
 
int ascon80pq_siv_encrypt (unsigned char *c, size_t *clen, const unsigned char *m, size_t mlen, const unsigned char *ad, size_t adlen, const unsigned char *npub, const unsigned char *k)
 Encrypts and authenticates a packet with ASCON-80pq-SIV. More...
 
int ascon80pq_siv_decrypt (unsigned char *m, size_t *mlen, const unsigned char *c, size_t clen, const unsigned char *ad, size_t adlen, const unsigned char *npub, const unsigned char *k)
 Decrypts and authenticates a packet with ASCON-80pq-SIV. More...
 

Detailed Description

SIV encryption primitives built around the ASCON permutation.

This API also provides support for SIV mode (Synthetic Initialization Vector). SIV mode authenticates the associated data and the plaintext before encrypting the plaintext.

The SIV construction makes the result resistant against reuse of the nonce as long as the combination of the associated data and plaintext is unique. If the combination is not unique, then the algorithm leaks that the same plaintext has been encrypted again but does not reveal the plaintext itself.

SIV mode can be useful when encrypting data in memory, such as encrypting a key pair for storage in non-volatile memory. The nonce or the associated data is set to the address in memory of the encrypted data, so that encrypting the same data in different locations will give different results.

SIV mode increases the size of the data by 16 bytes, which provides the authentication tag. This tag must not be discarded because the data cannot be successfully decrypted without it.

References: https://ascon.iaik.tugraz.at/

Function Documentation

int ascon128_siv_decrypt ( unsigned char *  m,
size_t *  mlen,
const unsigned char *  c,
size_t  clen,
const unsigned char *  ad,
size_t  adlen,
const unsigned char *  npub,
const unsigned char *  k 
)

Decrypts and authenticates a packet with ASCON-128-SIV.

Parameters
mBuffer to receive the plaintext message on output.
mlenReceives the length of the plaintext message on output.
cBuffer that contains the ciphertext and authentication tag to decrypt.
clenLength of the input data in bytes, which includes the ciphertext and the 16 byte authentication tag.
adBuffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlenLength of the associated data in bytes.
npubPoints to the public nonce for the packet which must be 16 bytes in length.
kPoints to the 16 bytes of the key to use to decrypt the packet.
Returns
0 on success, -1 if the authentication tag was incorrect, or some other negative number if there was an error in the parameters.
See Also
ascon128_siv_encrypt()
int ascon128_siv_encrypt ( unsigned char *  c,
size_t *  clen,
const unsigned char *  m,
size_t  mlen,
const unsigned char *  ad,
size_t  adlen,
const unsigned char *  npub,
const unsigned char *  k 
)

Encrypts and authenticates a packet with ASCON-128-SIV.

Parameters
cBuffer to receive the output.
clenOn exit, set to the length of the output which includes the ciphertext and the 16 byte authentication tag.
mBuffer that contains the plaintext message to encrypt.
mlenLength of the plaintext message in bytes.
adBuffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlenLength of the associated data in bytes.
npubPoints to the public nonce for the packet which must be 16 bytes in length.
kPoints to the 16 bytes of the key to use to encrypt the packet.
Returns
0 on success, or a negative value if there was an error in the parameters.
See Also
ascon128_siv_decrypt()
int ascon128a_siv_decrypt ( unsigned char *  m,
size_t *  mlen,
const unsigned char *  c,
size_t  clen,
const unsigned char *  ad,
size_t  adlen,
const unsigned char *  npub,
const unsigned char *  k 
)

Decrypts and authenticates a packet with ASCON-128a-SIV.

Parameters
mBuffer to receive the plaintext message on output.
mlenReceives the length of the plaintext message on output.
cBuffer that contains the ciphertext and authentication tag to decrypt.
clenLength of the input data in bytes, which includes the ciphertext and the 16 byte authentication tag.
adBuffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlenLength of the associated data in bytes.
npubPoints to the public nonce for the packet which must be 16 bytes in length.
kPoints to the 16 bytes of the key to use to decrypt the packet.
Returns
0 on success, -1 if the authentication tag was incorrect, or some other negative number if there was an error in the parameters.
See Also
ascon128a_siv_encrypt()
int ascon128a_siv_encrypt ( unsigned char *  c,
size_t *  clen,
const unsigned char *  m,
size_t  mlen,
const unsigned char *  ad,
size_t  adlen,
const unsigned char *  npub,
const unsigned char *  k 
)

Encrypts and authenticates a packet with ASCON-128a-SIV.

Parameters
cBuffer to receive the output.
clenOn exit, set to the length of the output which includes the ciphertext and the 16 byte authentication tag.
mBuffer that contains the plaintext message to encrypt.
mlenLength of the plaintext message in bytes.
adBuffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlenLength of the associated data in bytes.
npubPoints to the public nonce for the packet which must be 16 bytes in length.
kPoints to the 16 bytes of the key to use to encrypt the packet.
Returns
0 on success, or a negative value if there was an error in the parameters.
See Also
ascon128a_siv_decrypt()
int ascon80pq_siv_decrypt ( unsigned char *  m,
size_t *  mlen,
const unsigned char *  c,
size_t  clen,
const unsigned char *  ad,
size_t  adlen,
const unsigned char *  npub,
const unsigned char *  k 
)

Decrypts and authenticates a packet with ASCON-80pq-SIV.

Parameters
mBuffer to receive the plaintext message on output.
mlenReceives the length of the plaintext message on output.
cBuffer that contains the ciphertext and authentication tag to decrypt.
clenLength of the input data in bytes, which includes the ciphertext and the 16 byte authentication tag.
adBuffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlenLength of the associated data in bytes.
npubPoints to the public nonce for the packet which must be 16 bytes in length.
kPoints to the 20 bytes of the key to use to decrypt the packet.
Returns
0 on success, -1 if the authentication tag was incorrect, or some other negative number if there was an error in the parameters.
See Also
ascon80pq_siv_encrypt()
int ascon80pq_siv_encrypt ( unsigned char *  c,
size_t *  clen,
const unsigned char *  m,
size_t  mlen,
const unsigned char *  ad,
size_t  adlen,
const unsigned char *  npub,
const unsigned char *  k 
)

Encrypts and authenticates a packet with ASCON-80pq-SIV.

Parameters
cBuffer to receive the output.
clenOn exit, set to the length of the output which includes the ciphertext and the 16 byte authentication tag.
mBuffer that contains the plaintext message to encrypt.
mlenLength of the plaintext message in bytes.
adBuffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlenLength of the associated data in bytes.
npubPoints to the public nonce for the packet which must be 16 bytes in length.
kPoints to the 20 bytes of the key to use to encrypt the packet.
Returns
0 on success, or a negative value if there was an error in the parameters.
See Also
ascon80pq_siv_decrypt()