Git Product home page Git Product logo

adiantum's Introduction

Adiantum and HPolyC

For many storage encryption applications, the ciphertext must be the same size as the plaintext; generally this matches the disk sector size of either 512 or 4096 bytes. This means that standard approaches like AES-GCM or RFC7539 cannot be applied. The standard solution is AES-XTS, but this has two disadvantages:

  • If AES hardware is absent, AES is relatively slow, especially constant-time implementations

  • Using XTS, a one-bit change to the plaintext means only a 16-byte change to the ciphertext, revealing more to the attacker than necessary.

Adiantum uses a fast hash (NH + Poly1305) and a fast stream cipher (XChaCha12) to build a construction which encrypts an entire sector at a time. On an ARM Cortex-A7 processor, Adiantum decrypts 4096-byte messages at 10.6 cycles per byte, over five times faster than AES-256-XTS. It is a "super pseudorandom permutation" over the whole sector, which means that any change to the plaintext of the sector results in an unrecognizably different ciphertext sector and vice versa.

Adiantum appears in IACR Transactions on Symmetric Cryptology, Volume 2018, Issue 4. We also document HPolyC, our first such proposal, which is slower on large messages but simpler and more key agile for small messages.

File layout

  • specification/: LaTeX sources for our paper presenting Adiantum
  • test_vectors/other: Test vectors we use to validate our implementations of other primitives
  • test_vectors/ours: Test vectors we generate, in JSON format
  • python/: Python implementation and test vector generation
  • benchmark/: software we used to generate the benchmarks in our paper
  • third_party/: derived works covered by a different license than our main MIT license


third_party/ includes derived works not covered by the MIT license; specifically software derived from the Linux kernel and licensed under GPLv2.

We include here a variety of algorithms and implementations; we make no guarantee they are suitable for production use.

This is not an officially supported Google product.

adiantum's People


ciphergoth avatar ebiggers avatar


Sibi Antony avatar sensarliar avatar Javed Khan avatar s bacha avatar Ilya avatar Malcolm Seyd avatar Lothian avatar Pol avatar  avatar Wen-Chih Lo avatar Ahmed AlMusharraf avatar Patrick Recher avatar Ajay Jadhav avatar Kevin Languasco avatar Richard Walmsley avatar Reza Eskandari avatar  avatar avatar Joost Hoogendoorn avatar izouxv avatar sinmai avatar Sokolov Yura avatar  avatar  avatar  avatar Mason Grimes  avatar  avatar  avatar NWMonster avatar Keany Vy KHUN avatar Aaron avatar Marcin Dąbrowski avatar Ramon Fischer avatar ryank231231 avatar Kai Devrim avatar カシオ 金城 大関 avatar Air avatar  avatar Gleb avatar Vladimir Minkin avatar Ijat avatar Katsuyuki Tateishi avatar Antonin Deniau avatar alimp5 avatar Alex Bitek avatar Ruben avatar Liu Wenyuan avatar Tom Thorogood avatar  avatar Laszlo Gombos avatar Linz avatar  avatar Thomas Meng avatar L1kw1d avatar Ken avatar Gábor Mihálcz avatar  avatar  avatar carl shen avatar Josh Rickmar avatar Typical Engineer avatar Jakob Kirsch avatar alekzonder avatar Yusuke Hata avatar Chris Lohmann avatar Masanori Ogino avatar Jasmine Hegman avatar Ruslan Skorb avatar Liu Pei Pei avatar  avatar  avatar João Resende avatar  avatar Akash Chandra Gupta avatar dyc avatar  avatar Kevin Jiun-An Lin avatar Thomas Leplus avatar Duc-Thien Bui avatar 时不我待 avatar  avatar jkprg avatar David Kane avatar David Miguel Lozano avatar Simen avatar qtfreet00 avatar  avatar Milldogjm avatar  avatar Wade avatar  avatar Suraj R Gupta avatar  avatar Hoang Phan avatar Tai-Li Shih avatar Shubham Agarwal avatar レアコイル avatar Saeed Rasooli avatar Aren Patel avatar Daniel T. Lee avatar


Paul Crowley avatar Frank Denis avatar jkprg avatar Chris DiBona avatar Vladimir Minkin avatar James Cloos avatar  avatar arun-babu avatar Eric Biggers avatar Jesse Shelley avatar robotR avatar  avatar  avatar gongchoo avatar Wellington Torrejais da Silva avatar  avatar Matt Eaton avatar Pietro avatar Linz avatar  avatar  avatar Rally Wang avatar James avatar Devan Eatch avatar Luc avatar Timothy Clark avatar Andrew D Wolfe Jr avatar  avatar  avatar

adiantum's Issues

Poly1305 test vectors

Hello and thanks for this great project. I look forward to when encryption is on by default everywhere.
I am currently porting this project to C#. Test vectors for NH passed easily, however I'm having trouble with Poly1305. As far as I understand it, Poly1305 isn't the stock algorithm, there was a few tweaks to it. How do the other.json and Poly1305.json test vectors work? For the first entry in other.json, the key is 851f... and the message to MAC is f3f6, resulting in f4c6... correct? What is the mask_hex for? I've tried a number of different things, including running the C code in a C++/CLI project to aid in porting, and am still unable to get a test vector to pass.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.