Cosmian CryptoCore   ![Build Status] ![Latest Version]

This crate implements the cryptographic primitives which are used in many other Cosmian resources:

• a Data Encryption Method (DEM) based on AES256-GCM (128 bytes of security) offering a simple API (Nonce management and authentication checks are internals);
• a Diffie-Hellman key pair based on the curve25519 (128 bytes of security) allowing implementation of Diffie-Hellman based asymmetric cryptography;
• a Random Number Generator (RNG) implementing the ChaCha algorithm with 12 rounds (128 bytes of security).
• a Key Derivation Function (KDF) based on SHAKE128 (128 bytes of security);

All these primitives are use pure rust implementations, are secure, and used the fastest known algorithms. They offer a great basis on which to build more complex softwares.

Getting started

The following example can be run using cargo run --example demo.

```rust use cosmiancryptocore::{ asymmetriccrypto::{curve25519::X25519KeyPair, DhKeyPair}, kdf, reexport::randcore::SeedableRng, symmetriccrypto::{aes256gcmpure::Aes256GcmCrypto, Dem, SymKey}, CsRng, KeyTrait, }; use sha3::{ digest::XofReader, digest::{ExtendableOutput, Update}, Shake128, };

// The random generator should be instantiated at the highest possible // level since its creation is relatively costly. let mut rng = CsRng::from_entropy();

// Secret message we want to transmit privately. let plaintext = b"My secret message";

// Publicly known information. It can be used to enforce context separation. let additionaldata = Some(b"Some public tag".asslice());

// Setting of the asymmetric keys let bobkeypair = X25519KeyPair::new(&mut rng); let alicekeypair = X25519KeyPair::new(&mut rng);

// In real world applications, DHKEX is often used to derive a symmetric key. let sharedsecret = bobkeypair.publickey() * alicekeypair.private_key();

// Derivation of a secret key from the DHKEX shared secret. const KEYDERIVATIONINFO: &[u8] = b"Curve25519 KDF derivation"; const KEYLENGTH: usize = Aes256GcmCrypto::KEYLENGTH; let symmetrickey = SymKey::::frombytes(kdf!( KEYLENGTH, &sharedsecret.tobytes(), KEYDERIVATION_INFO ));

// DEM encapsulation using AES256-GCM. In order to prevent nonce reuse, // the nonce is managed internally. let c = Aes256GcmCrypto::encrypt(&mut rng, &symmetrickey, plaintext, additionaldata).unwrap();

// DEM decryption using AES256-GCM. The additional data used should be the // same as the one given for encryption. let res = Aes256GcmCrypto::decrypt(&symmetrickey, &c, additionaldata).unwrap();

assert_eq!(res, plaintext, "Decryption failed!");

println!("Message has been privately and successfully transmitted!"); ```

Building and Testing

Build

To install and build Cosmian CryptoCore, just clone the repo:

git clone https://github.com/Cosmian/crypto_core.git

and build it with Cargo:

cargo build --release

Use

To use Cosmian CryptoCore in another Rust software, just add the dependency using Cargo:

cargo add cosmian_crypto_core

and use it in your project!

Run tests and benchmarks

Tests can be run with:

cargo test --release

Benchmarks can be run with:

cargo bench

Features and Benchmarks

The benchmarks given below are run on a Intel(R) Core(TM) i7-10750H CPU @ 3.20GHz.

Asymmetric Crypto

This crate implements a Diffie-Hellman asymmetric key pair based on the Curve25519. This is one of the fastest elliptic curves known at this time and it offers 128 bits of security.

It uses the Dalek implementation, which offers an implementation of the Ristretto technique to construct a prime order group on the curve. This group is used to implement the public key.

Bench the Group-Scalar multiplication on which is based the Diffie-Helman key exchange time: [59.932 µs 60.131 µs 60.364 µs]

Symmetric Crypto

This crate implements a Data Encryption Method (DEM) based on the AES256-GCM algorithm, as described in the ISO 2004. This implementation is 128-bits secure in both the classic and the post-quantum models.

It uses the aes_gcm implementation of the AES GCM algorithm. This implementation makes use of the AES instruction set when available, which allows for a high encryption speed.

``` Bench the DEM encryption of a 2048-bytes message without additional data time: [2.7910 µs 2.7911 µs 2.7914 µs]

Bench the DEM decryption of a 2048-bytes message without additional data time: [2.7074 µs 2.7079 µs 2.7085 µs] ```

Random Number Generator (RNG)

This crate uses the implementation of the CHACHA algorithm with 12 rounds from the rand_chacha crate to construct our RNG. It is therefore 128-bits secure.

Bench the generation of a cryptographic RNG time: [353.84 ns 353.96 ns 354.10 ns]

Key Derivation Function (KDF)

This crate uses the pure rust implementation of the SHAKE128 algorithm from the sha3 crate. This allows implementing a KDF which 128-bits secure for input sizes of at least 256 bits (32 bytes).

bench the KDF derivation of a 32-bytes IKM into a 64-bytes key time: [1.1065 µs 1.1067 µs 1.1070 µs]

Documentation

The documentation can be generated using Cargo:

cargo docs

It is also available on doc.rs.