This crate provides a concrete parameterization of the Sphinx
cryptographic packet format which can be used to construct a
great many different kinds of cryptographic packet switching
networks including high and low latency anonymity networks;
especially mix networks.
"An ancient Egyptian stone figure having a lion's body and a human or animal head."
The reference implementation of Sphinx used the Lioness, a wide-block cipher (aka SPRP) to encrypt the packet body, hence its namesake. This implementation uses AEZ to encrypt the packet body instead of Lioness because it's much faster.
"Sphinx Mix Network Cryptographic Packet Format Specification" :
Sphinx: A Compact and Provably Secure Mix Format
by George Danezis and Ian Goldberg.
This Sphinx implementation is binary compatible with the Katzenpost golang Sphinx and shares test vectors. ( https://github.com/katzenpost/core/tree/master/sphinx ) The cryptographic parameterization is:
- EXP(X, Y) - X25519
- MAC(K, M), H(M) - HMAC-SHA256-128
- S(K, IV) - CTR-AES128
- KDF(SALT, IKM) - HKDF expand SHA256
- SPRP_Encrypt(K, M)/SPRP_Decrypt(K, M) - AEZv5
The Sphinx packet geometry is parameterized in the constants submodule.
Sphinx has the following features:
- Single Use Reply Blocks
- per hop bitwise unlinkability
- indistinguishable replies
- hidden path length
- hidden relay position
- tagging attack detection
- reply attack detection
This code has not been formally audited by a cryptographer. It therefore should not be considered safe or correct. Use it at your own risk!
sphinxcrypto, add the following to the dependencies section of
sphinxcrypto = "^0.1.1"
Then import the crate as:
extern crate sphinxcrypto;
This library is a Rust language port of Yawning's Katzenpost Sphinx implementation:
Thanks to Jeff Burdges for helping me with some of my rust problems.
GNU AFFERO GENERAL PUBLIC LICENSE