Crate chaskey [−] [src]
The Chaskey lightweight message authentication code (MAC).
Chaskey is a lightweight message authentication code (MAC) designed for 32-bit microcontrollers. It has some resemblances to the better-known SipHash MAC, but:
- SipHash was designed to work on 64-bit words, Chaskey on 32-bit words;
- SipHash produces 64-bit tags, Chaskey 128 bits (or fewer, by truncating the tags).
This crate supports three published variants of Chaskey:
- The original (8-round) algorithm (our
Chaskeytype); - The 12-round variant Chaskey-12 (our
Chaskey12type); - The 16-round variant Chaskey-LTS (our
ChaskeyLtstype).
Variants are selected by the type parameter given to the
Digester type.
Disclaimer
While Chaskey is a cryptographic algorithm, this implementation has not been reviewed for security. Use at your own risk.
Correctness
The 8-round and 12-round MACs variants are tested with the official test vectors. I have not found test vectors for the Chaskey-LTS MAC, but the FELICS project has some for its underlying block cipher, which I do verify.
Examples
Using the basic (8 round) Chaskey variant:
use chaskey::{Digester, Chaskey, Tag}; use rand::{Rng, OsRng}; use rustc_serialize::hex::ToHex; let mut rng: OsRng = OsRng::new().unwrap(); let key: [u32; 4] = rng.gen(); let mut mac: Digester<Chaskey> = Digester::new(key); let tag1: Tag = { mac.write("Hello world!".as_bytes()); mac.finish() }; println!("tag1 = {}", tag1.to_hex()); let tag2: Tag = { mac.reset(); mac.write("Hello world!".as_bytes()); mac.finish() }; println!("tag2 = {}", tag2.to_hex()); let tag3: Tag = { mac.reset(); mac.write("mwahahahaha!".as_bytes()); mac.finish() }; println!("tag3 = {}", tag3.to_hex()); // Note that the `Tag` type does constant-time equality // comparisons (or at least it tries to), so as to avoid // timing attacks. Tread carefully! assert!(tag1 == tag2); assert!(tag2 != tag3);
To use the Chaskey-12 or Chaskey-LTS variants you just change the type
parameter to the Digester:
use chaskey::{Digester, Chaskey, Chaskey12, ChaskeyLTS, Tag}; use rand::{Rng, OsRng}; use rustc_serialize::hex::ToHex; let mut rng: OsRng = OsRng::new().unwrap(); let key: [u32; 4] = rng.gen(); let tag1: Tag = { // Note the `Chaskey` type parameter here: let mut mac: Digester<Chaskey> = Digester::new(key); mac.write("Hello world!".as_bytes()); mac.finish() }; println!("tag1 = {}", tag1.to_hex()); let tag2: Tag = { // Note the `Chaskey12` type parameter here: let mut mac: Digester<Chaskey12> = Digester::new(key); mac.write("Hello world!".as_bytes()); mac.finish() }; println!("tag2 = {}", tag2.to_hex()); let tag3: Tag = { // Note the `ChaskeyLTS` type parameter here: let mut mac: Digester<ChaskeyLTS> = Digester::new(key); mac.write("Hello world!".as_bytes()); mac.finish() }; println!("tag3 = {}", tag3.to_hex());
References
- FELICS Project, Université de Luxembourg. FELICS: Fair Evauation of Lightweight Cryptographic Systems. Web site accessed May 2016.
- Mouha, Nicky, Bart Mennik, Anthony Van Herrewege, Dai Watanabe, Bart Preneet and Ingrid Verbauwhede. 2014. "Chaskey: An Efficient MAC Algorithm for 32-bit Microcontrollers." Cryptology ePrint Archive, Report 2014/386.
- Mouha, Nicky. 2015. "Chaskey: a MAC Algorithm for Microcontrollers: Status Update and Proposal of Chaskey-12." Cryptology ePrint Archive, Report 2015/1182.
- Mouha, Nicky. "Chaskey." Web page, accessed May 2016.
Reexports
pub use core::{Chaskey, Chaskey12, ChaskeyLTS}; |
Modules
| cipher |
The Chaskey block cipher. |
| core |
Core functions used to implement Chaskey. |
Structs
| Digester |
An incremental Chaskey digester. This is a |
| Tag |
A 128-bit Chaskey tag. |