public class Ascon128CipherSpi extends AsconCipherSpi
Ascon-128 uses a duplex-sponge-based mode of operation and provides 128-bit security for authenticated encryption.
Ascon-128 uses a 128-bit key, a 128-bit nonce, and associated data of variable length. The associated data and plaintext are processed in blocks of 64 bits. After each injected block (except the last plaintext block), a permutation of 6 rounds is applied. During initialization and finalization, a stronger permutation of 12 rounds is used. Finally, the ciphertext and a 128-bit tag are produced as its output. For more details, we refer to the official Ascon specification.
Usage example:
// register IAIK-LW provider IaikLw.addAsProvider();
// the message to be encrypted byte[] msg = ...;
// any associated (additional authentication) data byte[] associatedData = ...;
// generate the secret key KeyGenerator keyGenerator = KeyGenerator.getInstance("Ascon-128"); SecretKey key = keyGenerator.generateKey();
// encryption Cipher encrCipher = Cipher.getInstance("Ascon-128/NONE/NoPadding"); encrCipher.init(Cipher.ENCRYPT_MODE, key); encrCipher.updateAAD(associatedData); byte[] cipherText = encrCipher.doFinal(msg);
// get parameters generated by the Cipher AlgorithmParameters params = cipher.getParameters();
// decryption Cipher decrCipher = Cipher.getInstance("Ascon-128/NONE/NoPadding"); decrCipher.init(Cipher.DECRYPT_MODE, key, params); decrCipher.updateAAD(associatedData); byte[] plainText = decrCipher.doFinal(cipherText);If the Ascon Cipher is initialized for encryption without parameters, as shown in the example above, the required parameters (tag length and nonce) are automatically created by the Ascon Cipher itself. This ensures that a fresh nonce is created anytime before an encryption operation is performed. Thus, it is impossible to use the same nonce repeatedly with the same key.
parameters
, make sure that
you do not use the same nonce again with the same key:
int tagSize = 16; byte[] nonce = new byte[16]; SecureRandom random = ...; random.nextBytes(random); AsconParameterSpec params = new AsconParameterSpec(tagSize, nonce); Cipher encrCipher = Cipher.getInstance("Ascon-128/NONE/NoPadding"); encrCipher.init(Cipher.ENCRYPT_MODE, key, params); encrCipher.updateAAD(associatedData); byte[] cipherText = encrCipher.doFinal(msg);
Constructor and Description |
---|
Ascon128CipherSpi() |
Modifier and Type | Method and Description |
---|---|
protected int |
getKeySize()
Gets the key size in number of bytes.
|
protected int |
getRate()
Gets the rate (block size) in number of bytes.
|
protected String |
getVariant()
Gets the variant name.
|
engineDoFinal, engineDoFinal, engineGetBlockSize, engineGetIV, engineGetOutputSize, engineGetParameters, engineInit, engineInit, engineInit, engineSetMode, engineSetPadding, engineUpdate, engineUpdate, engineUpdateAAD, engineUpdateAAD
engineDoFinal, engineGetKeySize, engineUnwrap, engineUpdate, engineWrap
protected String getVariant()
getVariant
in class AsconCipherSpi
protected int getRate()
getRate
in class AsconCipherSpi
protected int getKeySize()
getKeySize
in class AsconCipherSpi
Copyright © 2022–2023 Stiftung SIC. All rights reserved.