package ascon

import "github.com/cloudflare/circl/cipher/ascon"

Package ascon provides ASCON family of light-weight AEAD ciphers.

This package implements Ascon128 and Ascon128a two AEAD ciphers as specified in ASCON v1.2 by C. Dobraunig, M. Eichlseder, F. Mendel, M. Schläffer. https://ascon.iaik.tugraz.at/index.html

It also implements Ascon-80pq, which has an increased key-size to provide more resistance against a quantum adversary using Grover’s algorithm for key search. Since Ascon-128 and Ascon-80pq share the same building blocks and same parameters except the size of the key, it is claimed the same security for Ascon-80pq against classical attacks as for Ascon-128.

Index ¶

• Constants
• Variables
• type Cipher
• func New(key []byte, m Mode) (*Cipher, error)
• func (a *Cipher) NonceSize() int
• func (a *Cipher) Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error)
• func (a *Cipher) Overhead() int
• func (a *Cipher) Seal(dst, nonce, plaintext, additionalData []byte) []byte
• type Mode
• func (m Mode) KeySize() int
• func (m Mode) String() string

Constants ¶

const (
	KeySize     = 16 // For Ascon128 and Ascon128a.
	KeySize80pq = 20 // Only for Ascon80pq.
	NonceSize   = 16
	TagSize     = 16
)

Variables ¶

var (
	ErrKeySize    = errors.New("ascon: bad key size")
	ErrNonceSize  = errors.New("ascon: bad nonce size")
	ErrDecryption = errors.New("ascon: invalid ciphertext")
	ErrMode       = errors.New("ascon: invalid cipher mode")
)

Types ¶

type Cipher ¶

type Cipher struct {
	// contains filtered or unexported fields
}

func New ¶

func New(key []byte, m Mode) (*Cipher, error)

New returns a Cipher struct implementing the crypto/cipher.AEAD interface. The key must be Mode.KeySize() bytes long, and the mode is one of Ascon128, Ascon128a or Ascon80pq.

func (*Cipher) NonceSize ¶

func (a *Cipher) NonceSize() int

NonceSize returns the size of the nonce that must be passed to Seal and Open.

func (*Cipher) Open ¶

func (a *Cipher) Open(dst, nonce, ciphertext, additionalData []byte) ([]byte, error)

Open decrypts and authenticates ciphertext, authenticates the additional data and, if successful, appends the resulting plaintext to dst, returning the updated slice. The nonce must be NonceSize() bytes long and both it and the additional data must match the value passed to Seal.

To reuse ciphertext's storage for the decrypted output, use ciphertext[:0] as dst. Otherwise, the remaining capacity of dst must not overlap plaintext.

Even if the function fails, the contents of dst, up to its capacity, may be overwritten.

func (*Cipher) Overhead ¶

func (a *Cipher) Overhead() int

Overhead returns the maximum difference between the lengths of a plaintext and its ciphertext.

func (*Cipher) Seal ¶

func (a *Cipher) Seal(dst, nonce, plaintext, additionalData []byte) []byte

Seal encrypts and authenticates plaintext, authenticates the additional data and appends the result to dst, returning the updated slice. The nonce must be NonceSize() bytes long and unique for all time, for a given key.

To reuse plaintext's storage for the encrypted output, use plaintext[:0] as dst. Otherwise, the remaining capacity of dst must not overlap plaintext.

type Mode ¶

type Mode int

const (
	Ascon128  Mode = 1
	Ascon128a Mode = 2
	Ascon80pq Mode = -1
)

func (Mode) KeySize ¶

func (m Mode) KeySize() int

KeySize is 16 for Ascon128 and Ascon128a, or 20 for Ascon80pq.

func (Mode) String ¶

func (m Mode) String() string

Source Files ¶

ascon.go