[Cryptography] Keccak-based AEAD cipher algorithm
Stephan Mueller
smueller at chronox.de
Tue Jul 26 05:47:57 EDT 2022
Hi,

Using Keccak, a symmetric stream cipher algorithm using the authenticated
encryption with additional data (AEAD) algorithm can be specified.

I have developed such an AEAD algorithm implementation. This algorithm can be
used to encrypt and decrypt arbitrary user data. The cipher algorithm uses the
SP800-185 cSHAKE algorithm to generate a key stream which is XORed with either
the plaintext (encryption) or ciphertext (decryption) data. The cSHAKE is
initialized with the user-provided key and the user-provided IV. In addition,
a second cSHAKE instance is initialized which calculates a keyed-message
digest of the ciphertext to create a message authentication tag. This message
authentication tag is used during decryption to verify the integrity of the
ciphertext.

In addition, a very similar SP800-185 KMAC-based AEAD algorithm is also
implemented.

The amount of code required to implement the respective algorithm is very
limited.

Both AEAD stream cipher algorithms are fully documented and specified in [1]
and [2] which also provide a working copy. The documentation in [1] also
provides a comparison between both algorithms.

The API documentation of both algorithm implementations is given in [3] and
[4].

I would be happy to receive comments or suggestions.

[1] https://github.com/smuellerDD/leancrypto/blob/master/aead/src/cshake_crypt.c
[2] https://github.com/smuellerDD/leancrypto/blob/master/aead/src/kmac_crypt.c
[3] https://github.com/smuellerDD/leancrypto/blob/master/aead/api/lc_cshake_crypt.h
[4] https://github.com/smuellerDD/leancrypto/blob/master/aead/api/lc_kmac_crypt.h

Ciao
Stephan
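
The structure described in the message above (one XOF instance producing the key stream, a second one producing a tag over the ciphertext, tag checked before decryption), as an added Python sketch that is not part of the original post and is not leancrypto's code or specification. Assumptions: `hashlib`'s SHAKE256 stands in for cSHAKE, and the label strings, the length-prefix encoding, keying the tag instance with the same key and IV, and the 32-byte tag are choices made for this sketch only; the actual algorithm is specified in [1].

```python
import hashlib
import hmac

TAG_LEN = 32  # tag size in bytes (assumption of this sketch)


def _lp(data):
    # Length-prefix each field so concatenated inputs stay unambiguous.
    return len(data).to_bytes(8, "big") + data


def _xof(label, key, iv):
    # hashlib's SHAKE256 stands in for cSHAKE; the label plays the role of
    # a customization string separating the two instances (assumption).
    return hashlib.shake_256(_lp(label) + _lp(key) + _lp(iv))


def _xor_keystream(key, iv, data):
    # First instance: key stream XORed with plaintext or ciphertext.
    stream = _xof(b"sketch-keystream", key, iv).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def _tag(key, iv, aad, ciphertext):
    # Second instance: keyed digest over the AAD and the ciphertext.
    mac = _xof(b"sketch-auth", key, iv)
    mac.update(_lp(aad) + _lp(ciphertext))
    return mac.digest(TAG_LEN)


def encrypt(key, iv, plaintext, aad=b""):
    ciphertext = _xor_keystream(key, iv, plaintext)
    return ciphertext, _tag(key, iv, aad, ciphertext)


def decrypt(key, iv, ciphertext, tag, aad=b""):
    # Verify the tag in constant time before releasing any plaintext.
    if not hmac.compare_digest(_tag(key, iv, aad, ciphertext), tag):
        raise ValueError("authentication tag mismatch")
    return _xor_keystream(key, iv, ciphertext)


if __name__ == "__main__":
    key, iv = bytes(range(32)), bytes(range(16))  # constructed sample values
    ct, tag = encrypt(key, iv, b"constructed sample message", b"header")
    print(decrypt(key, iv, ct, tag, b"header"))
    try:
        decrypt(key, iv, bytes([ct[0] ^ 1]) + ct[1:], tag, b"header")
    except ValueError as err:
        print("rejected:", err)
```

As with any XOR key stream construction, a (key, IV) pair must not be reused: two ciphertexts produced under the same pair XOR to the XOR of their plaintexts.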