#aes-256 #elliptic-curve #encryption #prime #primitive #pure #key

cosmian_crypto_base

Library of hybrid and pure cryptographic primitives

18 versions (8 stable)

2.1.2 September 6, 2022
2.1.0 July 19, 2022
1.3.0 May 31, 2022
0.5.3 April 29, 2022
0.5.2 March 9, 2022

#898 in Cryptography

Used in 2 crates

MIT/Apache

150KB
3K SLoC

cosmian_crypto_base

This crate implements the cryptographic primitives used in many of Cosmian's cryptographic resources:

  • Symmetric encryption: AES 256 GCM (pure and libsodium versions), xChaCha20 (libsodium), FPE FF1 (pure)
  • Elliptic curves: Ristretto Curve 25519
  • KDF: HKDF 256
  • Primes: routines to extract primes up to 2^400
  • Entropy: cryptographically secure pseudo-random generators with uniform and normal distributions
  • brc_cprf: BRC, a simple and efficient range-constrained PRF derived from the tree-based GGM PRF [GGM84]. This instantiation was described by Kiayias et al. in KPTZ13 and called Best Range Cover (BRC).
  • aes_hash_mmo: a native implementation of AES 256 used as a hash function.
  • Key wrapping/unwrapping according to rfc5649 and rfc3394

It also exposes a few traits, such as SymmetricCrypto, AsymmetricCrypto (also known as public-key cryptography), KEM, DEM, etc., which are used as building blocks for other constructions.

Building

Some cryptographic schemes (in particular xChaCha20) use libsodium. By default these schemes are not built; build them with --feature libsodium. The libsodium-dev library must be installed on your system.

All schemes in the default feature set can be built for the WASM target.

Constrained PRF

This construction is a simple and efficient range-constrained PRF derived from the tree-based GGM PRF [GGM84]. This instantiation was described by Kiayias et al. in KPTZ13 and called Best Range Cover (BRC).
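As an added illustration of the GGM tree and best-range-cover construction described above and in the brc_cprf item of the primitive list (this is not the crate's own code, which is Rust), the following Python builds a depth-d GGM tree, computes the BRC trapdoor for a leaf range, and checks that expanding the trapdoor yields exactly the in-range leaves. It assumes HMAC-SHA256 as the length-doubling PRG (left child = HMAC(node, 0x00), right child = HMAC(node, 0x01)); the real crate may use a different PRG.

```python
import hmac
import hashlib

# Assumed PRG: each tree node is a 32-byte key; its two children are the
# two HMAC-SHA256 outputs for the single-byte inputs 0x00 and 0x01.
def child(node: bytes, bit: int) -> bytes:
    """Derive the left (bit=0) or right (bit=1) child of a GGM tree node."""
    return hmac.new(node, bytes([bit]), hashlib.sha256).digest()

def leaf(root: bytes, depth: int, index: int) -> bytes:
    """Full-key evaluation: walk the bits of `index` (MSB first) from the root down."""
    node = root
    for level in range(depth - 1, -1, -1):
        node = child(node, (index >> level) & 1)
    return node

def best_range_cover(root: bytes, depth: int, lo: int, hi: int) -> list:
    """Constrained key (trapdoor) for leaves lo..hi inclusive: the minimal set of
    subtree roots whose leaves cover exactly that range.
    Each entry is (node, subtree_depth, index_of_first_leaf)."""
    cover = []

    def walk(node: bytes, d: int, first: int) -> None:
        last = first + (1 << d) - 1
        if last < lo or first > hi:          # subtree entirely outside the range
            return
        if lo <= first and last <= hi:       # subtree entirely inside: keep its root
            cover.append((node, d, first))
            return
        half = 1 << (d - 1)                  # partial overlap: split and recurse
        walk(child(node, 0), d - 1, first)
        walk(child(node, 1), d - 1, first + half)

    walk(root, depth, 0)
    return cover

def leaves_from_trapdoor(cover: list) -> dict:
    """Expand every covering node down to its leaves. Only leaves under the
    covering nodes are derivable; nothing outside the range can be computed."""
    out = {}
    for node, d, first in cover:
        for i in range(1 << d):
            out[first + i] = leaf(node, d, i)
    return out
```

The trapdoor size grows with the number of covering nodes, which is what the "n nodes" serialization benchmark below measures.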

Benchmarks

Intel(R) Core(TM) i7-8700 CPU @ 3.20GHz - 6400 bogomips. Single-threaded.

Bench of leaves generation from a node with varying depth (2500 rounds per depth)
Average: 76 nano per leave for depth: 4 (16 leaves)
Average: 79 nano per leave for depth: 5 (32 leaves)
Average: 79 nano per leave for depth: 6 (64 leaves)
Average: 81 nano per leave for depth: 7 (128 leaves)
Average: 80 nano per leave for depth: 8 (256 leaves)
Average: 79 nano per leave for depth: 9 (512 leaves)
Average: 78 nano per leave for depth: 10 (1024 leaves)
Average: 78 nano per leave for depth: 11 (2048 leaves)
Average: 77 nano per leave for depth: 12 (4096 leaves)
Average: 77 nano per leave for depth: 13 (8192 leaves)
Average: 76 nano per leave for depth: 14 (16384 leaves)
Average: 77 nano per leave for depth: 15 (32768 leaves)
Average: 77 nano per leave for depth: 16 (65536 leaves)
Bench of a trapdoor serialization/de-serialization averaged over 50000 rounds
   - 1 nodes: serialization/de-serialization 49/38 nanos)
   - 2 nodes: serialization/de-serialization 54/39 nanos)
   - 3 nodes: serialization/de-serialization 55/40 nanos)
   - 4 nodes: serialization/de-serialization 69/49 nanos)
   - 5 nodes: serialization/de-serialization 69/47 nanos)
   - 6 nodes: serialization/de-serialization 73/49 nanos)
   - 7 nodes: serialization/de-serialization 68/47 nanos)
   - 8 nodes: serialization/de-serialization 73/50 nanos)
   - 9 nodes: serialization/de-serialization 83/55 nanos)
   - 10 nodes: serialization/de-serialization 82/56 nanos)

AES as a hash function

Uses a native implementation of AES 256 as a hash function.

Implements the scheme of S. Matyas, C. Meyer and J. Oseas, Hᵢ = E(Hᵢ₋₁, Xᵢ) ^ Xᵢ ^ Hᵢ₋₁, where E(K, X) denotes the AES encryption of plaintext X under key K and ^ denotes XOR.

See https://www.esat.kuleuven.be/cosic/publications/article-48.pdf

Since the block size is 16 bytes and we need to encrypt 32 bytes (to obtain a 256-bit hash), we encrypt two 16-byte blocks using AES in counter mode.

Benchmarks

The SHA-256 implementation is libsodium's. The AES MMO implementation performs particularly well for data lengths that are multiples of 32 bytes.

Intel(R) Core(TM) i9-9980HK CPU @ 2.40GHz - 4800 bogomips. Single-threaded.

Average over 500000 rounds of 16 data bytes: nano per hash aes: 107; sha256 325
Average over 500000 rounds of 32 data bytes: nano per hash aes: 111; sha256 326
Average over 500000 rounds of 48 data bytes: nano per hash aes: 188; sha256 323
Average over 500000 rounds of 64 data bytes: nano per hash aes: 192; sha256 629
Average over 500000 rounds of 80 data bytes: nano per hash aes: 270; sha256 628
Average over 500000 rounds of 96 data bytes: nano per hash aes: 270; sha256 624
Average over 500000 rounds of 112 data bytes: nano per hash aes: 346; sha256 623
Average over 500000 rounds of 128 data bytes: nano per hash aes: 351; sha256 885
Average over 500000 rounds of 144 data bytes: nano per hash aes: 428; sha256 887
Average over 500000 rounds of 160 data bytes: nano per hash aes: 430; sha256 885
Average over 500000 rounds of 176 data bytes: nano per hash aes: 505; sha256 886
Average over 500000 rounds of 192 data bytes: nano per hash aes: 511; sha256 1146
Average over 500000 rounds of 208 data bytes: nano per hash aes: 585; sha256 1150
Average over 500000 rounds of 224 data bytes: nano per hash aes: 592; sha256 1149
Average over 500000 rounds of 240 data bytes: nano per hash aes: 667; sha256 1147
Average over 500000 rounds of 256 data bytes: nano per hash aes: 670; sha256 1405

Dependencies

~6.5MB
~126K SLoC