cryptomator / Siv Mode

License: MIT
RFC 5297 SIV mode of operation in Java

Java RFC 5297 SIV Authenticated Encryption

Features

  • No dependencies (required BouncyCastle classes are repackaged)
  • Passes official RFC 5297 test vectors
  • Constant time authentication
  • Defaults to AES, but supports any block cipher with a 128-bit block size
  • Supports any key size that the block cipher supports (e.g. 128/192/256-bit keys for AES)
  • Thread-safe
  • Fast
  • Requires JDK 8+ or Android API Level 24+ (since version 1.4.0)

Audits

Finding Comment
1u1-22-001 The GPG key is used exclusively for the Maven repositories, is designed for signing only and is protected by a 30-character generated password (alphabet size: 96 chars). It is iterated and salted (SHA1 with 20971520 iterations). An offline attack is also very unattractive. Apart from that, this finding has no influence on the Tresor apps [1]. This was not known to Cure53 at the time of reporting.
1u1-22-002 As per the contract of BlockCipher#processBlock(byte[], int, byte[], int), JceAesBlockCipher is designed to encrypt or decrypt just one single block at a time. JCE doesn't allow us to retrieve the plain cipher without a mode, so we explicitly request AES/ECB/NoPadding. This is by design, because we want the plain cipher for a single 128-bit block without any mode. We're not actually using ECB mode.
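
The point made for finding 1u1-22-002, as an added example that is not the project's own code: a single 16-byte block run through JCE's AES/ECB/NoPadding is the raw AES block function, checked here against the FIPS-197 Appendix C.1 known-answer vector. The class name SingleBlockAes and its methods are hypothetical and only mirror the single-block contract described above.

```java
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

// Hypothetical adapter (not the library's JceAesBlockCipher): raw AES on one block.
public class SingleBlockAes {
    private static final int BLOCK_SIZE = 16; // AES block size in bytes

    private final Cipher cipher;

    public SingleBlockAes(byte[] key) throws Exception {
        // JCE offers no mode-less AES. With no padding and a single block,
        // ECB applies the block function exactly once and nothing else.
        cipher = Cipher.getInstance("AES/ECB/NoPadding");
        cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"));
    }

    // Refuses anything but one block, so multi-block ECB can never happen here.
    public byte[] processBlock(byte[] in) throws Exception {
        if (in.length != BLOCK_SIZE) {
            throw new IllegalArgumentException("exactly one 16-byte block required");
        }
        return cipher.doFinal(in);
    }

    private static byte[] hex(String s) {
        byte[] out = new byte[s.length() / 2];
        for (int i = 0; i < out.length; i++) {
            out[i] = (byte) Integer.parseInt(s.substring(2 * i, 2 * i + 2), 16);
        }
        return out;
    }

    public static void main(String[] args) throws Exception {
        // FIPS-197 Appendix C.1 (AES-128) key, plaintext block and expected output.
        SingleBlockAes aes = new SingleBlockAes(hex("000102030405060708090a0b0c0d0e0f"));
        byte[] ct = aes.processBlock(hex("00112233445566778899aabbccddeeff"));
        if (!Arrays.equals(ct, hex("69c4e0d86a7b0430d8cdb78070b4c55a"))) {
            throw new AssertionError("output differs from the raw AES block function");
        }
        System.out.println("single-block AES/ECB/NoPadding matches FIPS-197 C.1");
    }
}
```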

Usage

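import java.nio.charset.StandardCharsets;
import javax.crypto.IllegalBlockSizeException;
import org.cryptomator.siv.SivMode;
import org.cryptomator.siv.UnauthenticCiphertextException;

// SivMode is thread-safe, so one shared instance is enough.
private static final SivMode AES_SIV = new SivMode();

// ctrKey and macKey (byte[]) are the two halves of the SIV key and must be supplied by the caller.
public void encrypt() throws UnauthenticCiphertextException, IllegalBlockSizeException {
  byte[] encrypted = AES_SIV.encrypt(ctrKey, macKey, "hello world".getBytes(StandardCharsets.UTF_8));
  byte[] decrypted = AES_SIV.decrypt(ctrKey, macKey, encrypted);
}

// Decryption must be given the same associated data, in the same order, as encryption.
public void encryptWithAssociatedData() throws UnauthenticCiphertextException, IllegalBlockSizeException {
  byte[] encrypted = AES_SIV.encrypt(ctrKey, macKey, "hello world".getBytes(StandardCharsets.UTF_8), "associated".getBytes(StandardCharsets.UTF_8), "data".getBytes(StandardCharsets.UTF_8));
  byte[] decrypted = AES_SIV.decrypt(ctrKey, macKey, encrypted, "associated".getBytes(StandardCharsets.UTF_8), "data".getBytes(StandardCharsets.UTF_8));
}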
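
An added example, not part of the project's README, that goes beyond the calls above to show what RFC 5297 SIV means for a caller: output is deterministic, a nonce passed as the last associated-data component removes that determinism, and a wrong associated-data value or a modified ciphertext is rejected. The class name, the random keys and the path strings are constructed for illustration.

```java
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import org.cryptomator.siv.SivMode;
import org.cryptomator.siv.UnauthenticCiphertextException;

public class SivPropertiesDemo {
    private static final SivMode AES_SIV = new SivMode();

    public static void main(String[] args) throws Exception {
        SecureRandom rng = new SecureRandom();
        byte[] ctrKey = new byte[32], macKey = new byte[32], nonce = new byte[16];
        rng.nextBytes(ctrKey); // constructed sample keys: two random 256-bit halves
        rng.nextBytes(macKey);
        rng.nextBytes(nonce);
        byte[] msg = "hello world".getBytes(StandardCharsets.UTF_8);
        byte[] path = "/docs/a.txt".getBytes(StandardCharsets.UTF_8); // constructed associated data

        // Same keys, plaintext and associated data always give the same ciphertext.
        byte[] c1 = AES_SIV.encrypt(ctrKey, macKey, msg, path);
        byte[] c2 = AES_SIV.encrypt(ctrKey, macKey, msg, path);
        check(Arrays.equals(c1, c2), "SIV output should be deterministic");
        // The output is the 16-byte synthetic IV followed by the CTR ciphertext.
        check(c1.length == msg.length + 16, "unexpected ciphertext length");

        // A per-message nonce as the last associated-data component hides repeated plaintexts.
        byte[] c3 = AES_SIV.encrypt(ctrKey, macKey, msg, path, nonce);
        check(!Arrays.equals(c1, c3), "nonce should change the ciphertext");
        check(Arrays.equals(msg, AES_SIV.decrypt(ctrKey, macKey, c3, path, nonce)), "round trip failed");

        // Different associated data or a single flipped bit must fail authentication.
        check(rejects(ctrKey, macKey, c1, "/docs/b.txt".getBytes(StandardCharsets.UTF_8)), "wrong AD accepted");
        byte[] tampered = c1.clone();
        tampered[tampered.length - 1] ^= 1;
        check(rejects(ctrKey, macKey, tampered, path), "tampered ciphertext accepted");
    }

    static boolean rejects(byte[] ctrKey, byte[] macKey, byte[] ct, byte[]... ad) throws Exception {
        try {
            AES_SIV.decrypt(ctrKey, macKey, ct, ad);
            return false;
        } catch (UnauthenticCiphertextException e) {
            return true;
        }
    }
    static void check(boolean ok, String what) {
        if (!ok) throw new AssertionError(what);
    }
}
```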

Maven integration

<dependencies>
  <dependency>
    <groupId>org.cryptomator</groupId>
    <artifactId>siv-mode</artifactId>
    <version>1.4.0</version>
  </dependency>
</dependencies>

JPMS

From version 1.3.2 onwards this library is an explicit module with the name org.cryptomator.siv. You can use it by adding the following line to your module-info.java.

requires org.cryptomator.siv;

Because BouncyCastle classes are shaded, this library only depends on java.base.

Building

This is a Maven project. To build it, run mvn clean install.

Requires JDK 11.0.3 or newer at build time due to JPMS support.

License

Distributed under the MIT X Consortium license. See the LICENSE file for more info.


1 The Cure53 pentesting was performed during the development of the apps for 1&1 Mail & Media GmbH.