hctr2
| Crates.io | hctr2 |
| lib.rs | hctr2 |
| version | 0.2.0 |
| created_at | 2023-04-06 16:50:52.316661+00 |
| updated_at | 2023-05-01 10:21:40.72814+00 |
| description | An implementation of the length-preserving encryption HCTR2 algorithm. |
| homepage | |
| repository | https://github.com/ericlagergren/hctr2-rs |
| max_upload_size | |
| id | 832344 |
| size | 1,058,259 |
Eric Lagergren (ericlagergren)
documentation
README
hctr2
Length-preserving encryption algorithm https://eprint.iacr.org/2021/1441.pdf
Installation
[dependencies]
hctr2 = "0.2"
Performance
The performance of HCTR2 is primarily determined by the XCTR and POLYVAL implementations. This module provides ARMv8 and x86-64 assembly XCTR implementations and uses a hardware-accelerated POLYVAL implementation (see polyval).
Results
M1
test bench_hctr2_aes128_4096 ... bench: 9,201 ns/iter (+/- 134) = 445 MB/s
test bench_hctr2_aes128_512 ... bench: 1,144 ns/iter (+/- 37) = 447 MB/s
test bench_hctr2_aes128_8192 ... bench: 18,386 ns/iter (+/- 233) = 445 MB/s
test bench_hctr2_aes256_4096 ... bench: 9,545 ns/iter (+/- 172) = 429 MB/s
test bench_hctr2_aes256_512 ... bench: 1,177 ns/iter (+/- 21) = 435 MB/s
test bench_hctr2_aes256_8192 ... bench: 18,922 ns/iter (+/- 242) = 432 MB/s
For reference, here are the numbers for the reference C implementation.
| CPU | ISA | Frequency | Cycles per byte | API |
|---|---|---|---|---|
| RK3399 | ARMv8 | 1.8 GHz | 1.8 | simd |
| Skylake | x86 | 3.9 GHz | 1.2 | simd |
See also github.com/ericlagergren/hctr2.
Security
Disclosure
This project uses full disclosure. If you find a security bug in an implementation, please e-mail me or create a GitHub issue.
Disclaimer
You should only use cryptography libraries that have been reviewed by cryptographers or cryptography engineers. While I am a cryptography engineer, I'm not your cryptography engineer, and I have not had this project reviewed by any other cryptographers.