|
Lightweight Cryptography Primitives
|
|
Lightweight Cryptography Primitives
|
Xoodyak authenticated encryption algorithm. More...
#include <stddef.h>Go to the source code of this file.
Macros | |
| #define | XOODYAK_KEY_SIZE 16 |
| Size of the key for Xoodyak. | |
| #define | XOODYAK_TAG_SIZE 16 |
| Size of the authentication tag for Xoodyak. | |
| #define | XOODYAK_NONCE_SIZE 16 |
| Size of the nonce for Xoodyak. | |
Functions | |
| int | xoodyak_aead_encrypt (unsigned char *c, size_t *clen, const unsigned char *m, size_t mlen, const unsigned char *ad, size_t adlen, const unsigned char *npub, const unsigned char *k) |
| Encrypts and authenticates a packet with Xoodyak. More... | |
| int | xoodyak_aead_decrypt (unsigned char *m, size_t *mlen, const unsigned char *c, size_t clen, const unsigned char *ad, size_t adlen, const unsigned char *npub, const unsigned char *k) |
| Decrypts and authenticates a packet with Xoodyak. More... | |
Xoodyak authenticated encryption algorithm.
Xoodyak is an authenticated encryption and hash algorithm pair based around the 384-bit Xoodoo permutation that is similar in structure to Keccak but is more efficient than Keccak on 32-bit embedded devices. The Cyclist mode of operation is used to convert the permutation into a sponge for the higher-level algorithms.
The Xoodyak encryption mode has a 128-bit key, a 128-bit nonce, and a 128-bit authentication tag.
The Xoodyak specification describes a re-keying mechanism where the key for one packet is used to derive the key to use on the next packet. This provides some resistance against side channel attacks by making the session key a moving target. This library does not currently implement re-keying.
References: https://keccak.team/xoodyak.html
| int xoodyak_aead_decrypt | ( | unsigned char * | m, |
| size_t * | mlen, | ||
| const unsigned char * | c, | ||
| size_t | clen, | ||
| const unsigned char * | ad, | ||
| size_t | adlen, | ||
| const unsigned char * | npub, | ||
| const unsigned char * | k | ||
| ) |
Decrypts and authenticates a packet with Xoodyak.
| m | Buffer to receive the plaintext message on output. |
| mlen | Receives the length of the plaintext message on output. |
| c | Buffer that contains the ciphertext and authentication tag to decrypt. |
| clen | Length of the input data in bytes, which includes the ciphertext and the 16 byte authentication tag. |
| ad | Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted. |
| adlen | Length of the associated data in bytes. |
| npub | Points to the public nonce for the packet which must be 16 bytes in length. |
| k | Points to the 16 bytes of the key to use to decrypt the packet. |
| int xoodyak_aead_encrypt | ( | unsigned char * | c, |
| size_t * | clen, | ||
| const unsigned char * | m, | ||
| size_t | mlen, | ||
| const unsigned char * | ad, | ||
| size_t | adlen, | ||
| const unsigned char * | npub, | ||
| const unsigned char * | k | ||
| ) |
Encrypts and authenticates a packet with Xoodyak.
| c | Buffer to receive the output. |
| clen | On exit, set to the length of the output which includes the ciphertext and the 16 byte authentication tag. |
| m | Buffer that contains the plaintext message to encrypt. |
| mlen | Length of the plaintext message in bytes. |
| ad | Buffer that contains associated data to authenticate along with the packet but which does not need to be encrypted. |
| adlen | Length of the associated data in bytes. |
| npub | Points to the public nonce for the packet which must be 16 bytes in length. |
| k | Points to the 16 bytes of the key to use to encrypt the packet. |
1.8.6