An intent-keyed stream cipher. Research artifact and educational exploration — not production cryptography.
Status. This cipher uses floating-point arithmetic internally, has not been formally cryptanalyzed, and is not guaranteed to be bit-identical across platforms. Do not use it to protect real data. For that, use an audited library such as
ring,age,chacha20poly1305, orlibsodium.
A stream cipher that takes three inputs: a key, an intent (an arbitrary byte string), and a plaintext. The intent is mixed into the key schedule and thus into the keystream.
use intent_cipher::{encipher, decipher};
// Same key + same plaintext + different intent → different ciphertext
let ct1 = encipher(b"my_key", b"medical treatment", b"patient data");
let ct2 = encipher(b"my_key", b"insurance pricing", b"patient data");
assert_ne!(ct1, ct2);
// Matching intent decrypts correctly
let pt = decipher(b"my_key", b"medical treatment", &ct1);
assert_eq!(pt, b"patient data");
// Mismatched intent produces different bytes (not a recovery of plaintext)
let garbage = decipher(b"my_key", b"insurance pricing", &ct1);
assert_ne!(garbage, b"patient data");intent is additional key material. Functionally, it behaves like a nonce or a salt: two different byte strings produce two different keystreams. The cipher does not parse or understand the intent — it hashes its bytes into the key derivation.
Framing this input as "intent" is a naming/UX choice that makes it legible for purpose-bound use cases. It is not a new cryptographic primitive.
Where real purpose-binding lives. If you need cryptographic constructions where purpose or policy is formally bound to the encryption operation, look at:
- Attribute-Based Encryption (Sahai & Waters, 2005)
- Functional Encryption (Boneh, Sahai & Waters, 2011)
- Predicate Encryption, Policy-Based Encryption
Those are rigorously defined, have formal security definitions, and are substantially stronger than this artifact.
What this cipher offers. A compact demonstration, in a few hundred lines of Rust, of a "semantic nonce" pattern — where an application supplies a purpose-shaped input that distinguishes encryption sessions. As a pedagogical sketch or as part of a hermetic-computing exploration (kybalion), it may be useful. As encryption for real data, it is not.
The cipher generates a keystream from seven interacting internal state components, each named after a principle from the Hermetic Computing framework:
| Component | Principle | Role in the keystream |
|---|---|---|
| Essence | Mentalism | Key + intent reduced to an internal state |
| Veil | Correspondence | Additional derived state |
| Spectrum | Vibration | DFT-derived state with per-byte feedback |
| Poles | Polarity | Positions evolved per byte |
| Rhythms | Rhythm | 32 oscillators with prime periods |
| Causal | Causality | Running accumulator over all prior output |
| Seeds | Generation | LCG-style expansion + bit-mask |
XOR is used for the final combining step; encryption and decryption are the same operation.
Internally the cipher uses f64, sin, cos, and a DFT. That is why it is not cross-platform deterministic at the bit level and why it is classified here as illustrative.
// Simple functions
let ct = intent_cipher::encipher(key, intent, plaintext);
let pt = intent_cipher::decipher(key, intent, &ct);
// Struct for streaming / inspection
let mut cipher = IntentCipher::new(key, intent);
let ct = cipher.encipher(plaintext);
println!("causal state: {:016x}", cipher.causal_state());
println!("bytes produced: {}", cipher.bytes_produced());
// Hex utilities
let hex = intent_cipher::to_hex(&ct);
let bytes = intent_cipher::from_hex(&hex).unwrap();[dependencies]
intent-cipher = "0.2"- Hermetic Computing — the full framework this cipher is a composition of.
- Opus — the narrative context of how this was built.
MIT