#authenticated-encryption #aead #tink

tink-aead

AEAD functionality for Rust port of Google's Tink cryptography library

9 releases

0.3.0 Nov 28, 2024
0.2.5 Mar 14, 2023
0.2.4 Mar 25, 2022
0.2.1 Oct 8, 2021
0.1.0 Jan 21, 2021

#144 in Cryptography

Download history 36008/week @ 2024-11-15 7311/week @ 2024-11-22 15917/week @ 2024-11-29 18172/week @ 2024-12-06 20019/week @ 2024-12-13 272/week @ 2024-12-20 1686/week @ 2024-12-27 13289/week @ 2025-01-03 20531/week @ 2025-01-10 9023/week @ 2025-01-17 9797/week @ 2025-01-24 9588/week @ 2025-01-31 12432/week @ 2025-02-07 9740/week @ 2025-02-14 19593/week @ 2025-02-21 12854/week @ 2025-02-28

57,695 downloads per month
Used in 3 crates

Apache-2.0

330KB
5K SLoC

Tink-Rust: Authenticated Encryption with Additional Data

Docs MSRV

This crate provides authenticated encryption with additional data (AEAD) functionality, as described in the upstream Tink documentation.

Usage

fn main() -> Result<(), Box<dyn Error>> {
    tink_aead::init();
    let kh = tink_core::keyset::Handle::new(&tink_aead::aes256_gcm_key_template())?;
    let a = tink_aead::new(&kh)?;

    let pt = b"this data needs to be encrypted";
    let aad = b"this data needs to be authenticated, but not encrypted";
    let ct = a.encrypt(pt, aad)?;
    println!("'{}' => {}", String::from_utf8_lossy(pt), hex::encode(&ct));

    let pt2 = a.decrypt(&ct, aad)?;
    assert_eq!(&pt[..], pt2);
    Ok(())
}

License

Apache License, Version 2.0

Known Issues

  • Before version 0.2.4, AES-CTR-HMAC-AEAD keys and the subtle::EncryptThenAuthenticate implementation may be vulnerable to chosen-ciphertext attacks. An attacker can generate ciphertexts that bypass the HMAC verification if and only if all of the following conditions are true:
    • Tink is used on systems where usize is a 32-bit integer. This is usually the case on 32-bit machines.
    • The attacker can specify long (>= 2^29 bytes ~ 536MB) associated data

Disclaimer

This is not an officially supported Google product.

Dependencies

~2.3–4.5MB
~69K SLoC