Chaskey Cipher MACChaskey Cipher is light-weight cryptography method for signing messages (MAC) using a 128-bit key [paper]. The hardware implementation only requires 3,334.33 gate equivalent with an operating clock frequency of 1 MHz (whereas Keccak requires 4,658 GE). In the following we create the Mac signature and also encrypt for CBC:
|
Outline
The crypto we have created does not quite scale into an IoT world, and takes up too much chip space and often consumes too much energy. With SHA-256 we need around 15,000 gates, while Keccak (SHA-3) requires 4,658 gates. So how do we sign messages in an efficient way? Well, NIST recommends Chaskey which requires only 3,333 gates at only 1MHz clock rates.
With Chaskey we can use a 128-bit key, and which gives strong security for signing. We can also use it for encryption. For example:
Message: hello Key (128 bits - 32 hex): BD63710BAF4753D0367DBF6A875ACAAB Signature: db6a554716651bc3a818e0c1d01d582d Encrypt (CBC): 18c381d3811319c24af6cd71af70f97f
An outline of the JavaScript code is:
m = 'hello'; var key = 'BD63710BAF4753D0367DBF6A875ACAAB'; document.getElementById("val1").innerHTML = m; document.getElementById("key").innerHTML = key; go(); function go1() { m = 'hello'; document.getElementById("val1").innerHTML = m; document.getElementById("key").innerHTML = key; key = genkey(); go(); } function go() { var message = document.getElementById('val1').value var key = document.getElementById('key').value document.getElementById("val1").innerHTML = message; document.getElementById("encrypted").innerHTML = "Message:\t" + message; document.getElementById("encrypted").innerHTML += "\nKey:\t\t" + key; var mac = new ChaskeyCipher.Mac(); // instantiate a cipher in MAC mode key = readKey(key); mac.set(key); var cif = mac.sign(message); // sign the message document.getElementById("encrypted").innerHTML += "\n\nHash:\t\t" + bytes2hex(cif); var cbc = new ChaskeyCipher.Cbc(); // instantiate a cipher in CBC mode cbc.set(key); // set the key // cbc.init(nonce); // init cipher with a nonce var cif = cbc.encrypt(message); document.getElementById("encrypted").innerHTML += "\nEncrypt:\t" + bytes2hex(cif); } function readKey(k1) { var key = k1 === '' ? [] : k1.split(','); if (key.length == 1) key = key[0].match(/.{1,2}/g); if ([4, 16].indexOf(key.length) == -1) { throw new Error('Invalid key length:' + key.length); } if (key.length == 16) { key = key.map(function (v) { return validByte(parseInt(v, 16), v); }); return new Uint32Array(Uint8Array.from(key).buffer); } if (key.length == 4) { key = key.map(function (v) { return validInt(parseInt(v, 16), v); }); return Uint32Array.from(key); } } function validByte(v, s) { if (v >= 0 && v <= 255) return v; throw new Error('Invalid key digit:' + s); } function validInt(v, s) { if (v >= 0 && v <= 0xFFFFFFFF) return v; throw new Error('Invalid key digit:' + s); } function bytes2hex(blk, dlm) { return Array.prototype.map.call(new Uint8Array(blk.buffer || blk), function (s) { return ('00' + s.toString(16)).slice(-2); }).join(dlm || ''); } function parseHexString(str) { var result = []; while (str.length >= 2) { result.push(parseInt(str.substring(0, 2), 16)); str = str.substring(2, str.length); } return result; } function genkey() { var text = ""; var possible = "ABCDEF0123456789"; for (var i = 0; i < 32; i++) text += possible.charAt(Math.floor(Math.random() * possible.length)); return text; }