public class Ascon128CipherSpi extends AsconCipherSpi
Ascon-128 uses a duplex-sponge-based mode of operation and provides 128-bit security for authenticated encryption.
Ascon-128 uses a 128-bit key, a 128-bit nonce, and associated data of variable length. The associated data and plaintext are processed in blocks of 64 bits. After each injected block (except the last plaintext block), a permutation of 6 rounds is applied. During initialization and finalization, a stronger permutation of 12 rounds is used. Finally, the ciphertext and a 128-bit tag are produced as its output. For more details, we refer to the official Ascon specification.
Usage example:
// register IAIK-LW provider IaikLw.addAsProvider();
// the message to be encrypted byte[] msg = ...;
// any associated (additional authentication) data byte[] associatedData = ...;
// generate the secret key
KeyGenerator keyGenerator = KeyGenerator.getInstance("Ascon-128");
SecretKey key = keyGenerator.generateKey();
// encryption
Cipher encrCipher = Cipher.getInstance("Ascon-128/NONE/NoPadding");
encrCipher.init(Cipher.ENCRYPT_MODE, key);
encrCipher.updateAAD(associatedData);
byte[] cipherText = encrCipher.doFinal(msg);
// get parameters generated by the Cipher AlgorithmParameters params = cipher.getParameters();
// decryption
Cipher decrCipher = Cipher.getInstance("Ascon-128/NONE/NoPadding");
decrCipher.init(Cipher.DECRYPT_MODE, key, params);
decrCipher.updateAAD(associatedData);
byte[] plainText = decrCipher.doFinal(cipherText);
If the Ascon Cipher is initialized for encryption without parameters,
as shown in the example above, the required parameters (tag length and
nonce) are automatically created by the Ascon Cipher itself. This ensures
that a fresh nonce is created anytime before an encryption operation is
performed. Thus, it is impossible to use the same nonce repeatedly with the
same key.
parameters, make sure that
you do not use the same nonce again with the same key:
int tagSize = 16;
byte[] nonce = new byte[16];
SecureRandom random = ...;
random.nextBytes(random);
AsconParameterSpec params = new AsconParameterSpec(tagSize, nonce);
Cipher encrCipher = Cipher.getInstance("Ascon-128/NONE/NoPadding");
encrCipher.init(Cipher.ENCRYPT_MODE, key, params);
encrCipher.updateAAD(associatedData);
byte[] cipherText = encrCipher.doFinal(msg);
| Constructor and Description |
|---|
Ascon128CipherSpi() |
| Modifier and Type | Method and Description |
|---|---|
protected int |
getKeySize()
Gets the key size in number of bytes.
|
protected int |
getRate()
Gets the rate (block size) in number of bytes.
|
protected String |
getVariant()
Gets the variant name.
|
engineDoFinal, engineDoFinal, engineGetBlockSize, engineGetIV, engineGetOutputSize, engineGetParameters, engineInit, engineInit, engineInit, engineSetMode, engineSetPadding, engineUpdate, engineUpdate, engineUpdateAAD, engineUpdateAADengineDoFinal, engineGetKeySize, engineUnwrap, engineUpdate, engineWrapprotected String getVariant()
getVariant in class AsconCipherSpiprotected int getRate()
getRate in class AsconCipherSpiprotected int getKeySize()
getKeySize in class AsconCipherSpiCopyright © 2022–2023 Stiftung SIC. All rights reserved.