Accelerated TinyJambu - Lightweight Authenticated Encryption Algorithms
After working on ascon Authenticated Encryption with Associated Data suite, I've taken up another final round candidate of NIST Light Weight Cryptography competition tinyjambu, which offers three authenticated encryption algorithms, variated based on secret key bit length.
| AEAD Algorithm | Secret Key ( Bit Length ) |
|---|---|
| TinyJambu-128 | 128 |
| TinyJambu-192 | 192 |
| TinyJambu-256 | 256 |
Note Learn more about AEAD here
Note If interested in learning more about my work on Ascon AEAD, see here
TinyJambu-{128, 192, 256} offers lightweight authenticated encryption/ verified decryption algorithms. Encryption/ Decryption procedures take following inputs and computes these outputs.
| Algorithm | Input | Output |
|---|---|---|
encrypt |
16/ 24/ 32 -bytes secret key, 12 -bytes public message nonce, N -bytes of plain text s.t. N >= 0 and N -bytes of associated data s.t. N >= 0 | N -bytes encrypted data s.t. N >= 0 && len(text) == len(cipher) and 8 -bytes authentication tag |
decrypt |
16/ 24/ 32 -bytes secret key, 12 -bytes public message nonce, 8 -bytes of authentication tag, N -bytes encrypted data s.t. N >= 0 and N -bytes of associated data s.t. N >= 0 | N -bytes decrypted data s.t. N >= 0 && len(cipher) == len(text) and boolean flag denoting success of verification |
Here I'm maintaining one easy-to-use, zero-dependency, header-only C++ library, which implements all three variants of TinyJambu. I've also written a Python wrapper interface for underlying C++ implementation, which one might want to use in their Python programs.
Note During implementation, I followed this specification of TinyJambu.
- C++ compilers like
clang++/g++, along C++ standard library, implementing C++20 specification
$ clang++ --version
Ubuntu clang version 14.0.0-1ubuntu1
Target: aarch64-unknown-linux-gnu
Thread model: posix
InstalledDir: /usr/bin
$ g++ --version
g++ (Ubuntu 11.2.0-19ubuntu1) 11.2.0- System development utilities like
make,cmakeandgit
$ make --version
GNU Make 4.3
$ cmake --version
cmake version 3.22.1
$ git --version
git version 2.34.1-
For benchmarking TinyJambu-{128, 192, 256} on CPU, you'll need to have
google-benchmarklibrary globally installed; see this guide. -
If you want to use/ test/ benchmark Python API, you need to have
python3, along with some dependencies, which can be installed usingpip.
$ python3 --version
Python 3.10.8
# If you don't have pip installed
$ sudo apt-get install python3-pip
# Download Python dependencies
$ python3 -m pip install -r wrapper/python/requirements.txt --userNote But probably, you want to use
virtualenvinstead of polluting your global Python installation.
# download virtualenv
python3 -m pip install --user virtualenv
pushd wrapper/python
# create virtualenv work directory
python3 -m virtualenv .
# enable virtualenv
source bin/activate # notice shell prompt change
# download dependencies inside virtualenv
python3 -m pip install -r requirements.txt
# do whatever you want to do inside virtualenv workspace
# ...
# ...
# disable virtualenv
deactivate # notice shell prompt change
popdFor ensuring functional correctness of TinyJambu-{128, 192, 256} AEAD, I've written following test cases
- Given randomly generated secret key, public message nonce, plain text bytes ( length >= 0 ) & associated data bytes ( length >= 0 )
- first, compute encrypted bytes & authentication tag
- then, attempt to decrypt, ensure that verification passes, while also employing byte-by-byte comparison of decrypted and original plain text
- Given randomly generated secret key, public message nonce, plain text bytes ( length >= 0 ) & associated data bytes ( length >= 0 )
- first, compute encrypted bytes & authentication tag
- then, mutate ( just a single bit flip should suffice ) either of secret key/ public message nonce/ authentication tag/ encrypted bytes/ associated data
- finally, attempt to decrypt, authentication tag verification must fail. Alongside check that unverified plain text is never released i.e. plain text bytes should be zeroed in case of tag verification failure.
- Test correctness and compatibility using Known Answer Tests provided with NIST LWC submission of TinyJambu.
Issue following command(s) to run test cases on all variants of TinyJambu
FBK=32 make # 32 feedback bits in-parallel
FBK=64 make # 2x32 feedback bits per iteration
FBK=128 make # 4x32 feedback bits per iterationNote You may safely skip specifying
FBK, default choiceFBK=32is automatically set !
Find micro-benchmarking ( using google-benchmark ) results here
tinyjambu being a simple, zero-dependency, header-only C++ library, it's pretty easy to start using it. Just add ./include path while compiling your program ( inform your compiler about this include path using -I ./include syntax ), which uses tinyjambu.
I've written following example programs which demonstrate use of TinyJambu-{128, 192, 256} C++ API
You may also want to use Python API of tinyjambu, consider checking here for usage example.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent