NOTE: This has been upstreamed to RustCrypto/AEADs/ocb3.

---

offset-cookbook-mode: Experimental OCB3 and CTX<OCB3>

Rust implementation of AES128-OCB3, specified in RFC 7253, with a 128-bit tag and 96-bit nonce; and CTX<AES128-OCB3>, where CTX is specified in Chan and Rogaway (2022) and instantiated using Blake2s256.

⚠️ Security (Or Lack Thereof)

This crate is experimental and may provide less-than-expected security, please do not use it in practice.

Features

• Implements RustCrypto aead traits.
• #![no_std].

Usage

use offset_cookbook_mode::ocb3_ctx::aead::{AeadInPlace, KeyInit};
use offset_cookbook_mode::ocb3_ctx::{Aes128Ocb3Ctx, Key, Nonce};

let key = Key::from_slice(b"YELLOW SUBMARINE");
let cipher = Aes128Ocb3Ctx::new(&key);

let ad = [0u8; 16];
let nonce = Nonce::from_slice(b"WATER!CRAFT!");

let mut buffer = vec![0u8; 4096];

// encrypt buffer in-place
let tag = cipher
    .encrypt_in_place_detached(&nonce, &ad, &mut buffer)
    .expect("encryption failed");
assert_ne!(buffer, vec![0u8; 4096]);

// decrypt buffer in-place
cipher
    .decrypt_in_place_detached(&nonce, &ad, &mut buffer, &tag)
    .expect("decryption failed");
assert_eq!(buffer, vec![0u8; 4096]);

Benchmarks

Performance on AWS m6i.metal with 4kb input and 16 byte associated data, run with -Ctarget-cpu=native, and comparing with Ring's AES128-GCM and RustCrypto's AES128-GCM.

---

License

This crate is licensed under either Apache License 2.0 or MIT License.