public class Ascon80PQCipherSpi extends AsconCipherSpi
Ascon-80pq uses a 160-bit key and processes the data in blocks of 64 bits. The increased key length of Ascon-80pq provides additional protection against exhaustive key search in the case the availability of quantum computers becomes evident. For more details, we refer to the official Ascon specification.
Usage example:
// register IAIK-LW provider IaikLw.addAsProvider();
// the message to be encrypted byte[] msg = ...; // any associated (additional authentication) data byte[] associatedData = ...;
// generate the secret key KeyGenerator keyGenerator = KeyGenerator.getInstance("Ascon-80pq"); SecretKey key = keyGenerator.generateKey();
// encryption Cipher encrCipher = Cipher.getInstance("Ascon-80pq/NONE/NoPadding"); encrCipher.init(Cipher.ENCRYPT_MODE, key); encrCipher.updateAAD(associatedData); byte[] cipherText = encrCipher.doFinal(msg);
// get parameters generated by the Cipher AlgorithmParameters params = cipher.getParameters();
// decryption Cipher decrCipher = Cipher.getInstance("Ascon-80pq/NONE/NoPadding"); decrCipher.init(Cipher.DECRYPT_MODE, key, params); decrCipher.updateAAD(associatedData); byte[] plainText = decrCipher.doFinal(cipherText);If the Ascon Cipher is initialized for encryption without parameters, as shown in the example above, the required parameters (tag length and nonce) are automatically created by the Ascon Cipher itself. This ensures that a fresh nonce is created anytime before an encryption operation is performed. Thus, it is impossible to use the same nonce repeatedly with the same key.
parameters
, make sure that
you do not use the same nonce again with the same key:
int tagSize = 16; byte[] nonce = new byte[16]; SecureRandom random = ...; random.nextBytes(random); AsconParameterSpec params = new AsconParameterSpec(tagSize, nonce); Cipher encrCipher = Cipher.getInstance("Ascon-80pq/NONE/NoPadding"); encrCipher.init(Cipher.ENCRYPT_MODE, key, params); encrCipher.updateAAD(associatedData); byte[] cipherText = encrCipher.doFinal(msg);
Constructor and Description |
---|
Ascon80PQCipherSpi() |
Modifier and Type | Method and Description |
---|---|
protected int |
getKeySize()
Gets the key size in number of bytes.
|
protected int |
getRate()
Gets the rate (block size) in number of bytes.
|
protected String |
getVariant()
Gets the variant name.
|
engineDoFinal, engineDoFinal, engineGetBlockSize, engineGetIV, engineGetOutputSize, engineGetParameters, engineInit, engineInit, engineInit, engineSetMode, engineSetPadding, engineUpdate, engineUpdate, engineUpdateAAD, engineUpdateAAD
engineDoFinal, engineGetKeySize, engineUnwrap, engineUpdate, engineWrap
protected String getVariant()
getVariant
in class AsconCipherSpi
protected int getRate()
getRate
in class AsconCipherSpi
protected int getKeySize()
getKeySize
in class AsconCipherSpi
Copyright © 2022–2023 Stiftung SIC. All rights reserved.