lwbc

Rust implementations of the SPECK, SIMON, and SIMECK block cipher families.

These are small block ciphers (32-bit and 64-bit blocks) designed by the NSA and academic researchers. While often marketed for constrained environments, small block ciphers have broader applications:

• Encrypting counters - Hide sequential patterns in counter-based systems (packet numbers, sequence IDs)
• Short identifier encryption - Encrypt user IDs, order numbers, or database keys without size expansion
• Format-preserving encryption - Encrypt small fixed-size values while maintaining their original format
• Database field encryption - Encrypt individual columns while preserving storage efficiency
• Obfuscation of sequential data - Turn predictable sequences into seemingly random values
• Protocol design - When you need encryption but can't afford block size overhead
• Embedded systems - Minimal code size and RAM usage
• High-throughput scenarios - Smaller state means better cache utilization

Installation

Add to your Cargo.toml:

[dependencies]
lwbc = { git = "https://github.com/jedisct1/rust-lwbc" }

Usage

Basic encryption/decryption

use lwbc::Speck32;

// Initialize with a 64-bit key (4 x u16)
let cipher = Speck32::new([0x0100, 0x0908, 0x1110, 0x1918]);

// Encrypt a 32-bit block (2 x u16)
let plaintext = [0x6574u16, 0x694c];
let ciphertext = cipher.encrypt(plaintext);
let decrypted = cipher.decrypt(ciphertext);

assert_eq!(plaintext, decrypted);

Byte-oriented API

use lwbc::Speck64;

// Initialize from raw bytes (little-endian)
let cipher = Speck64::from_bytes([
    0x00, 0x01, 0x02, 0x03,
    0x08, 0x09, 0x0a, 0x0b,
    0x10, 0x11, 0x12, 0x13,
    0x18, 0x19, 0x1a, 0x1b,
]);

// Encrypt/decrypt byte arrays directly
let plaintext = [0x74, 0x65, 0x72, 0x3b, 0x2d, 0x43, 0x75, 0x74];
let ciphertext = cipher.encrypt_block(plaintext);
let decrypted = cipher.decrypt_block(ciphertext);

Key whitening

Whitened variants XOR additional key material before and after encryption, providing extra security margin with minimal overhead:

use lwbc::Speck32Whitened;

// Extended key: 4 words for cipher + 2 pre-whitening + 2 post-whitening
let cipher = Speck32Whitened::new([
    0x0100, 0x0908, 0x1110, 0x1918,  // cipher key
    0xdead, 0xbeef,                   // pre-whitening
    0xcafe, 0xbabe,                   // post-whitening
]);

let ciphertext = cipher.encrypt([0x6574, 0x694c]);

Available whitened types: Speck32Whitened, Speck64Whitened, Simon32Whitened, Simon64Whitened, Simeck32Whitened, Simeck64Whitened.

Cipher specifications

Word sizes: 32-bit variants use u16 words, 64-bit variants use u32 words.

Byte order: All byte-level operations use little-endian encoding.

Performance

SPECK is the fastest due to its simple ARX structure. SIMON trades speed for smaller hardware implementation. SIMECK aims to balance both.

Run benchmarks with:

cargo run --release

Security considerations

These ciphers provide strong encryption for their block sizes, but small blocks have inherent limitations:

• Birthday bound: With a 32-bit block, collision probability becomes significant after 2^16 blocks (~65K). For 64-bit blocks, after 2^32 blocks (~4B).
• Block cipher modes: Use appropriate modes (CTR, CBC, etc.) and respect the birthday bound limits.
• Not a replacement for AES: Use standard 128-bit block ciphers when block size overhead is acceptable.

SPECK and SIMON were designed by the NSA and have undergone significant public cryptanalysis. SIMECK was designed by academic researchers at the University of Waterloo.

References

• The SIMON and SPECK Families of Lightweight Block Ciphers - Original NSA paper
• The SIMECK Family of Lightweight Block Ciphers - Academic paper introducing SIMECK
• SIMON and SPECK Implementation Guide - NSA implementation reference

License

MIT