ROCCA cipher implementation for Rust.

Last update: Sep 30, 2022

Related tags

Overview

ROCCA for Rust

This is a Rust implementation of the ROCCA authenticated cipher, ported from the Zig implementation.

ROCCA is key committing, has a 256 bit key size, a 128 bit nonce, processes 256 bit message blocks and outputs a 128 bit authentication tag.

Cargo flags

std: allow dynamic allocations

std is the default.

IMPORTANT: In order to get decent code on x86 and x86_64 CPUs, you should set additional rustc flags prior to compiling that crate or a project using it:

export RUSTFLAGS="-Ctarget-feature=+aes,+sse4.1"

A benchmark can be run that way:

export RUSTFLAGS="-C target-cpu=native -Ctarget-feature=+aes,+pclmul,+sse4.1"
cargo bench

Benchmarks

Benchmarks take a 16384 bytes input block. Results are in bytes per second.

Rust implementations

Crates:

aes-gcm
chacha20poly1305
aegis128l
rocca

Macbook Pro - 2,4 GHz Intel Core i9, RUSTFLAGS set.

cipher	speed
aes256-gcm	1.59 G/s
aes128-gcm	1.91 G/s
chacha20-poly1305	1.48 G/s
aegis128l	6.21 G/s
rocca	6.49 G/s

WebAssembly (Wasmtime)

cipher	speed
aes256-gcm	36.88 M/s
aes128-gcm	44.13 M/s
chacha20-poly1305	193.05 M/s
aegis128l	48.98 M/s
rocca	58.61 M/s

Other implementations

cipher (implementation)	speed
aes256-gcm (OpenSSL)	4.97 G/s
aes128-gcm (OpenSSL)	6.89 G/s
chacha20-poly1305 (OpenSSL)	2.67 G/s
aes128-ocb (OpenSSL)	7.10 G/s
aegis128l (Zig)	14.08 G/s
rocca (Zig)	16.28 G/s

Authorization Server with Rust using Tonic

authorization-server Authorization Server with Rust using Tonic. Function implemented User registration and profile store Change password Login Token

3 Oct 5, 2021

Extensible, strongly-typed Rust OAuth2 client library

OAuth2 An extensible, strongly-typed implementation of OAuth2 (RFC 6749). Documentation is available on docs.rs. Release notes are available on GitHub

602 Dec 25, 2022

An auth system/library for Rust applications

Rust : Forbidden (WIP) An experimental auth library for Rust applications. Goals This crate is to define a common set of traits and idioms to provide

9 Nov 8, 2022

Authenticate to Minecraft using the Microsoft Authentication Scheme from Rust.

Authenticating to Minecraft with the Microsoft Authentication Scheme from Rust This program showcases an implementation of the microsoft authenticatio

17 Dec 22, 2022

Rust library for HTTP authentication. Parses challenge lists, responds to Basic and Digest challenges. Likely to be extended with server support and additional auth schemes.

Rust library for HTTP authentication. Parses challenge lists, responds to Basic and Digest challenges. Likely to be extended with server support and a

3 Jun 10, 2022

Fast, simple and REST compliant file-server with public/private key authentication written in Rust

stormi Stormi is a fast and simple file-server with public/private key authentication How does it work? Stormi accepts multipart/form-data form with m

2 Dec 8, 2022

🔥 Firebase authentication for Rust 🦀

Fire Auth Rust wrapper for Firebase Authentication REST API Installation Add the following to Cargo.toml: fireauth = "0.1.5" How to use First you need

11 Nov 12, 2022

Tools for manipulating JSON Web Tokens, JWS, JWE, and JWK in Rust

Rusty JWT Tools A collection of JWT utilities. This repository is part of the source code of Wire. You can find more information at wire.com or by con

4 Nov 22, 2022

Xbox live authentication flow for Minecraft with Rust.

MC Auth Xbox live authentication flow for Minecraft in Rust. Why? In order to create tools for Minecraft based on rust that implement the user profile

3 Jan 15, 2023

Comments

Very small or non-blocksize-multiple input size may not be decrypting properly

I can have some self-contained test cases on this in the coming days to showcase this, although speaking at a high level, I noticed that with this (Rocca) code (but not the similarly designed Morus one), small-sized (< 16 byte) inputs and/or inputs not a multiple of the blocksize, the decryption of an encrypted plaintext didn't return the original. For larger inputs or full integer multiple sizes I believe it was all working correctly. I thought this would be easy to reproduce with some test inputs at those sizes, but if not, please let me know. Note that the very similarly styled implementation for Morus didn't have an issue. Because these have similar design, looking at differences between them may help uncover what's going on. I'm using the encrypt/decrypt in-place mode.

opened by Intensity 3
Consider implementing untagged decryption mode for select use cases

Although Rocca is an authenticated encryption mode producing and consuming a tag, it's possible that the user may deliberately not want to validate with a tag in some cases (they may not have it, or they may be achieving integrity checking in another way). I may point to a kind of "daisy chained" series of AEAD operations, or a length-preserving all-or-nothing-transform as examples.

And so this is a suggestion to consider a variant in this (and related/Morus) code to not validate against a tag when the user deliberately wants to do that.

A related idea is to have the decrypt produce the tag that the in-place encryption would have produced, and to return it instead of consuming it.

opened by Intensity 1

Owner

Frank Denis

Parisian fashion photographer with a knack for cryptography, computer vision, opensource software and infosec. Get my public keys here: https://sk.tl/7CPRo8kn

GitHub

OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.

OpenSK This repository contains a Rust implementation of a FIDO2 authenticator. We developed this as a Tock OS application and it has been successfull