Lightweight Cryptography Primitives
 All Data Structures Files Functions Variables Typedefs Macros Pages
Data Structures | Functions
isap-k-aead-pk.h File Reference

ISAP-K authenticated encryption algorithm with pre-computed keys. More...

#include "isap-k-aead.h"

Go to the source code of this file.

Data Structures

struct  isap_keccak_128a_key_t
 Pre-computed key information for ISAP-K-128A. More...
 
struct  isap_keccak_128_key_t
 Pre-computed key information for ISAP-K-128. More...
 

Functions

int isap_keccak_128a_aead_pk_init (isap_keccak_128a_key_t *pk, const unsigned char *k)
 Initializes a pre-computed key for ISAP-K-128A. More...
 
int isap_keccak_128a_aead_pk_encrypt (unsigned char *c, size_t *clen, const unsigned char *m, size_t mlen, const unsigned char *ad, size_t adlen, const unsigned char *npub, const isap_keccak_128a_key_t *pk)
 Encrypts and authenticates a packet with ISAP-K-128A and pre-computed keys. More...
 
int isap_keccak_128a_aead_pk_decrypt (unsigned char *m, size_t *mlen, const unsigned char *c, size_t clen, const unsigned char *ad, size_t adlen, const unsigned char *npub, const isap_keccak_128a_key_t *pk)
 Decrypts and authenticates a packet with ISAP-K-128A and pre-computed keys. More...
 
int isap_keccak_128_aead_pk_init (isap_keccak_128_key_t *pk, const unsigned char *k)
 Initializes a pre-computed key for ISAP-K-128. More...
 
int isap_keccak_128_aead_pk_encrypt (unsigned char *c, size_t *clen, const unsigned char *m, size_t mlen, const unsigned char *ad, size_t adlen, const unsigned char *npub, const isap_keccak_128_key_t *pk)
 Encrypts and authenticates a packet with ISAP-K-128 and pre-computed keys. More...
 
int isap_keccak_128_aead_pk_decrypt (unsigned char *m, size_t *mlen, const unsigned char *c, size_t clen, const unsigned char *ad, size_t adlen, const unsigned char *npub, const isap_keccak_128_key_t *pk)
 Decrypts and authenticates a packet with ISAP-K-128 and pre-computed keys. More...
 

Detailed Description

ISAP-K authenticated encryption algorithm with pre-computed keys.

This version of ISAP-K provides an alternative API where the keys are expanded ahead of time. This is intended to limit leakage of information about the key bits. The key is loaded once during a session rather than repeatedly each time encryption or decryption is performed.

If a device has a long-lived key, then the pre-computed key could be stored in ROM or flash memory and thus avoid leakage of loading the key bits at runtime.

References: https://isap.iaik.tugraz.at/

Function Documentation

int isap_keccak_128_aead_pk_decrypt ( unsigned char *  m,
size_t *  mlen,
const unsigned char *  c,
size_t  clen,
const unsigned char *  ad,
size_t  adlen,
const unsigned char *  npub,
const isap_keccak_128_key_t pk 
)

Decrypts and authenticates a packet with ISAP-K-128 and pre-computed keys.

Parameters
mBuffer to receive the plaintext message on output.
mlenReceives the length of the plaintext message on output.
cBuffer that contains the ciphertext and authentication tag to decrypt.
clenLength of the input data in bytes, which includes the ciphertext and the 16 byte authentication tag.
adBuffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlenLength of the associated data in bytes.
npubPoints to the public nonce for the packet which must be 16 bytes in length.
pkPoints to the pre-computed key value.
Returns
0 on success, -1 if the authentication tag was incorrect, or some other negative number if there was an error in the parameters.
See Also
isap_keccak_128_aead_pk_encrypt(), isap_keccak_128_aead_pk_init()
int isap_keccak_128_aead_pk_encrypt ( unsigned char *  c,
size_t *  clen,
const unsigned char *  m,
size_t  mlen,
const unsigned char *  ad,
size_t  adlen,
const unsigned char *  npub,
const isap_keccak_128_key_t pk 
)

Encrypts and authenticates a packet with ISAP-K-128 and pre-computed keys.

Parameters
cBuffer to receive the output.
clenOn exit, set to the length of the output which includes the ciphertext and the 16 byte authentication tag.
mBuffer that contains the plaintext message to encrypt.
mlenLength of the plaintext message in bytes.
adBuffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlenLength of the associated data in bytes.
npubPoints to the public nonce for the packet which must be 16 bytes in length.
pkPoints to the pre-computed key value.
Returns
0 on success, or a negative value if there was an error in the parameters.
See Also
isap_keccak_128_aead_pk_decrypt(), isap_keccak_128_aead_pk_init()
int isap_keccak_128_aead_pk_init ( isap_keccak_128_key_t pk,
const unsigned char *  k 
)

Initializes a pre-computed key for ISAP-K-128.

Parameters
pkPoints to the object to receive the pre-computed key value.
kPoints to the 16 bytes of the key.
Returns
0 on success, or a negative value if there was an error in the parameters.
See Also
isap_keccak_128_aead_pk_encrypt(), isap_keccak_128_aead_pk_decrypt()
int isap_keccak_128a_aead_pk_decrypt ( unsigned char *  m,
size_t *  mlen,
const unsigned char *  c,
size_t  clen,
const unsigned char *  ad,
size_t  adlen,
const unsigned char *  npub,
const isap_keccak_128a_key_t pk 
)

Decrypts and authenticates a packet with ISAP-K-128A and pre-computed keys.

Parameters
mBuffer to receive the plaintext message on output.
mlenReceives the length of the plaintext message on output.
cBuffer that contains the ciphertext and authentication tag to decrypt.
clenLength of the input data in bytes, which includes the ciphertext and the 16 byte authentication tag.
adBuffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlenLength of the associated data in bytes.
npubPoints to the public nonce for the packet which must be 16 bytes in length.
pkPoints to the pre-computed key value.
Returns
0 on success, -1 if the authentication tag was incorrect, or some other negative number if there was an error in the parameters.
See Also
isap_keccak_128a_aead_pk_encrypt(), isap_keccak_128a_aead_pk_init()
int isap_keccak_128a_aead_pk_encrypt ( unsigned char *  c,
size_t *  clen,
const unsigned char *  m,
size_t  mlen,
const unsigned char *  ad,
size_t  adlen,
const unsigned char *  npub,
const isap_keccak_128a_key_t pk 
)

Encrypts and authenticates a packet with ISAP-K-128A and pre-computed keys.

Parameters
cBuffer to receive the output.
clenOn exit, set to the length of the output which includes the ciphertext and the 16 byte authentication tag.
mBuffer that contains the plaintext message to encrypt.
mlenLength of the plaintext message in bytes.
adBuffer that contains associated data to authenticate along with the packet but which does not need to be encrypted.
adlenLength of the associated data in bytes.
npubPoints to the public nonce for the packet which must be 16 bytes in length.
pkPoints to the pre-computed key value.
Returns
0 on success, or a negative value if there was an error in the parameters.
See Also
isap_keccak_128a_aead_pk_decrypt(), isap_keccak_128a_aead_pk_init()
int isap_keccak_128a_aead_pk_init ( isap_keccak_128a_key_t pk,
const unsigned char *  k 
)

Initializes a pre-computed key for ISAP-K-128A.

Parameters
pkPoints to the object to receive the pre-computed key value.
kPoints to the 16 bytes of the key.
Returns
0 on success, or a negative value if there was an error in the parameters.
See Also
isap_keccak_128a_aead_pk_encrypt(), isap_keccak_128a_aead_pk_decrypt()