Skip to content
Sphinx cryptographic packet format
Branch: master
Clone or download
david415 Fix Sphinx padding bug
Do not leak number of hops in route, use random bytes to pad header instead of zeros.

Fixes #6
Latest commit a5a17ed Nov 17, 2019


This crate provides a concrete parameterization of the Sphinx cryptographic packet format which can be used to construct a great many different kinds of cryptographic packet switching networks including high and low latency anonymity networks;
especially mix networks.


"An ancient Egyptian stone figure having a lion's body and a human or animal head."

The reference implementation of Sphinx used the Lioness, a wide-block cipher (aka SPRP) to encrypt the packet body, hence its namesake. This implementation uses AEZ to encrypt the packet body instead of Lioness because it's much faster.

"Sphinx Mix Network Cryptographic Packet Format Specification" :

Sphinx: A Compact and Provably Secure Mix Format by George Danezis and Ian Goldberg.

This Sphinx implementation is binary compatible with the Katzenpost golang Sphinx and shares test vectors. ( ) The cryptographic parameterization is:

  • EXP(X, Y) - X25519
  • MAC(K, M), H(M) - HMAC-SHA256-128
  • S(K, IV) - CTR-AES128
  • KDF(SALT, IKM) - HKDF expand SHA256
  • SPRP_Encrypt(K, M)/SPRP_Decrypt(K, M) - AEZv5

The Sphinx packet geometry is parameterized in the constants submodule.

Sphinx has the following features:

  • Single Use Reply Blocks
  • per hop bitwise unlinkability
  • indistinguishable replies
  • hidden path length
  • hidden relay position
  • tagging attack detection
  • reply attack detection


This code has not been formally audited by a cryptographer. It therefore should not be considered safe or correct. Use it at your own risk!


To import sphinxcrypto, add the following to the dependencies section of your project's Cargo.toml:

sphinxcrypto = "^0.1.1"

Then import the crate as:

extern crate sphinxcrypto;


This library is a Rust language port of Yawning's Katzenpost Sphinx implementation:

Thanks to Jeff Burdges for helping me with some of my rust problems.



You can’t perform that action at this time.