Skip to content
Sphinx cryptographic packet format
Rust
Branch: master
Clone or download
david415 Fix Sphinx padding bug
Do not leak number of hops in route, use random bytes to pad header instead of zeros.

Fixes #6
Latest commit a5a17ed Nov 17, 2019

README.md

rust-sphinxcrypto

This crate provides a concrete parameterization of the Sphinx cryptographic packet format which can be used to construct a great many different kinds of cryptographic packet switching networks including high and low latency anonymity networks;
especially mix networks.

sphinx


"An ancient Egyptian stone figure having a lion's body and a human or animal head."

The reference implementation of Sphinx used the Lioness, a wide-block cipher (aka SPRP) to encrypt the packet body, hence its namesake. This implementation uses AEZ to encrypt the packet body instead of Lioness because it's much faster.

"Sphinx Mix Network Cryptographic Packet Format Specification" :
https://github.com/katzenpost/docs/blob/master/specs/sphinx.rst

Sphinx: A Compact and Provably Secure Mix Format by George Danezis and Ian Goldberg.
https://cypherpunks.ca/~iang/pubs/Sphinx_Oakland09.pdf

This Sphinx implementation is binary compatible with the Katzenpost golang Sphinx and shares test vectors. ( https://github.com/katzenpost/core/tree/master/sphinx ) The cryptographic parameterization is:

  • EXP(X, Y) - X25519
  • MAC(K, M), H(M) - HMAC-SHA256-128
  • S(K, IV) - CTR-AES128
  • KDF(SALT, IKM) - HKDF expand SHA256
  • SPRP_Encrypt(K, M)/SPRP_Decrypt(K, M) - AEZv5

The Sphinx packet geometry is parameterized in the constants submodule.

Sphinx has the following features:

  • Single Use Reply Blocks
  • per hop bitwise unlinkability
  • indistinguishable replies
  • hidden path length
  • hidden relay position
  • tagging attack detection
  • reply attack detection

warning

This code has not been formally audited by a cryptographer. It therefore should not be considered safe or correct. Use it at your own risk!

installation

To import sphinxcrypto, add the following to the dependencies section of your project's Cargo.toml:

sphinxcrypto = "^0.1.1"

Then import the crate as:

extern crate sphinxcrypto;

acknowledgments

This library is a Rust language port of Yawning's Katzenpost Sphinx implementation:

https://github.com/katzenpost/core/tree/master/sphinx

Thanks to Jeff Burdges for helping me with some of my rust problems.

license

GNU AFFERO GENERAL PUBLIC LICENSE

You can’t perform that action at this time.