Skip to content

jedisct1/libaegis

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

163 Commits

.github/workflows

.github/workflows

 
 

cmake

cmake

 
 

img

img

 
 

src

src

 
 

.clang-format

.clang-format

 
 

.gitignore

.gitignore

 
 

CMakeLists.txt

CMakeLists.txt

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

build.zig

build.zig

 
 

Repository files navigation

libaegis

Portable C implementations of the AEGIS family of high-performance authenticated ciphers (AEGIS-128L, AEGIS-128X2, AEGIS-128X4, AEGIS-256, AEGIS-256X2, AEGIS-256X4), with runtime CPU detection.

Features

  • AEGIS-128L with 16 and 32 bytes tags (software, AES-NI, ARM Crypto)
  • AEGIS-128X2 with 16 and 32 bytes tags (software, VAES + AVX2, AES-NI, ARM Crypto)
  • AEGIS-128X4 with 16 and 32 bytes tags (software, AVX512, VAES + AVX2, AES-NI, ARM Crypto)
  • AEGIS-256 with 16 and 32 bytes tags (software, AES-NI, ARM Crypto)
  • AEGIS-256X2 with 16 and 32 bytes tags (software, VAES + AVX2, AES-NI, ARM Crypto)
  • AEGIS-256X4 with 16 and 32 bytes tags (software, AVX512, VAES + AVX2, AES-NI, ARM Crypto)
  • All variants of AEGIS-MAC, supporting incremental updates and key commitment
  • Encryption and decryption with attached and detached tags
  • Incremental encryption and decryption
  • Unauthenticated encryption and decryption (not recommended - only implemented for specific protocols)
  • Deterministic pseudorandom stream generation.

Installation

Note that the compiler makes a difference. Zig (or a recent clang with target-specific options such as -march=native) produces more efficient code than gcc.

Compilation with zig:

zig build -Drelease

The library and headers are installed in the zig-out folder.

To favor performance over side-channel mitigations on WebAssembly and on devices without hardware acceleration, add -Dfavor-performance:

zig build -Drelease -Dfavor-performance

A benchmark can also be built with the -Dwith-benchmark option:

zig build -Drelease -Dwith-benchmark

Compilation with cmake:

mkdir build
cd build
cmake -DCMAKE_INSTALL_PREFIX=/install/prefix ..
make install

To favor performance over side-channel mitigations on WebAssembly and on devices without hardware acceleration, add -DFAVOR_PERFORMANCE.

Direct inclusion

Copy everything in src directly into your project, and compile everything like regular C code. No special configuration is required.

Usage

Include <aegis.h> and call aegis_init() prior to doing anything else with the library.

aegis_init() checks the CPU capabilities in order to later use the fastest implementations.

Bindings

  • aegis is a set of bindings for Rust.

Libaegis users

  • fizz is Facebook's implementation of TLS 1.3.
  • picotls is a TLS 1.3 implementation in C, with support for the AEGIS cipher suites.
  • h2o is an HTTP/{1,2,3} serverwith support for the AEGIS cipher suites.

Benchmarks

AEGIS is very fast on CPUs with parallel execution pipelines and AES support.

Encryption (16 KB)

AEGIS benchmark results

Authentication (64 KB)

AEGIS-MAC benchmark results

About

Portable C implementations of the AEGIS family of high-performance authenticated encryption algorithms.

datatracker.ietf.org/doc/draft-irtf-cfrg-aegis-aead/

Topics

cryptography aead cipher aegis libaegis aegis128l aegis256 aegis128x aegis256x

Resources

Readme

License

MIT license
Activity

Stars

47 stars

Watchers

5 watching

Forks

9 forks
Report repository

Releases 15

0.1.22 Latest
May 11, 2024
+ 14 releases

Packages

No packages published

Contributors 2

Languages