C-Sharp icon indicating copy to clipboard operation
C-Sharp copied to clipboard
verified publisher icon TheAlgorithms

Add Ascon Hash Algorithm

Open Kalkwst opened this issue 1 year ago • 1 comments

Summary of Changes

This pull request implements the AsconHash algorithm along with the necessary cryptographic exceptions and utility functions. The changes are structured as follows:

1. AsconHash Algorithm:

  • Added two variants: AsconHash and AsconHashA.
  • Both variants follow the official Ascon specification.
  • Includes methods for:
    • Updating the hash state with input data via Update.
    • Finalizing the hash computation with DoFinal.
    • Resetting the internal state for new hashing operations with Reset.

2. Cryptographic Exceptions:

  • CryptoException: A base exception for cryptographic errors.
  • DataLengthException: Thrown when the input data length is invalid for processing.
  • OutputLengthException: Thrown when the output buffer is too short for the resulting data.

3. Utility Classes:

  • ByteEncodingUtils:
    • Provides functions for converting between byte arrays and 64-bit integers in big-endian format.
    • Includes methods for writing and reading data to/from byte arrays efficiently.
  • ValidationUtils:
    • Contains validation methods to ensure input and output buffers meet the required sizes.
    • Throws the appropriate exceptions (DataLengthException or OutputLengthException) when validation fails.

Cross-Examination of Hash Values

To ensure the accuracy and correctness of the implemented AsconHash algorithm, the resulting hash values from this implementation have been cross-examined against values generated by trusted and vetted cryptographic libraries, including Bouncy Castle. The hashes were verified to match exactly for identical input data, ensuring that this implementation is in line with established cryptographic standards and is fully compatible with the Ascon specifications.

How Ascon Algorithm Works

Ascon is a lightweight cryptographic algorithm designed to provide secure hashing and authenticated encryption. It is particularly optimized for constrained environments such as IoT devices and embedded systems. Ascon utilizes a sponge construction, which processes data in two phases:

  • Absorption Phase: The input data is XOR-ed into the internal state in 64-bit chunks. Each chunk is absorbed into the state, followed by a permutation function.
  • Squeezing Phase: After absorbing all input data, the final hash output is squeezed from the state, with additional permutations to enhance diffusion and non-linearity.

The security of Ascon comes from its permutation function (P), which performs several rounds of bitwise operations, rotations, and mixing using round constants to ensure cryptographic strength.

Context and Use Cases

Ascon was a finalist in the CAESAR competition and has since been standardized as part of the ISO/IEC 29192-6 standard for lightweight cryptography. Its design is focused on efficiency, making it ideal for:

  • IoT Devices: These devices often have limited processing power and memory, where Ascon’s lightweight operations are highly beneficial.

  • Embedded Systems: With minimal computational overhead, Ascon can be implemented in hardware or software for secure data processing.

  • Secure Communications: Ascon is suitable for hashing and encryption in protocols ensuring data integrity, such as message authentication.

  • [x] I have performed a self-review of my code

  • [x] My code follows the style guidelines of this project

  • [x] I have added tests that prove my fix is effective or that my feature works

  • [x] New and existing unit tests pass locally with my changes

  • [x] Comments in areas I changed are up to date

  • [x] I have added comments to hard-to-understand areas of my code

  • [x] I have made corresponding changes to the README.md

Kalkwst avatar Oct 14 '24 10:10 Kalkwst

Codecov Report

Attention: Patch coverage is 95.56650% with 9 lines in your changes missing coverage. Please review.

Project coverage is 95.04%. Comparing base (833a0fb) to head (c10337d). Report is 1 commits behind head on master.

Files with missing lines Patch % Lines
Algorithms/Crypto/Digests/AsconDigest.cs 95.55% 3 Missing and 3 partials :warning:
Algorithms/Crypto/Utils/ValidationUtils.cs 85.00% 2 Missing and 1 partial :warning:
Additional details and impacted files 
@@            Coverage Diff             @@
##           master     #479      +/-   ##
==========================================
+ Coverage   95.03%   95.04%   +0.01%     
==========================================
  Files         247      254       +7     
  Lines       10367    10570     +203     
  Branches     1478     1491      +13     
==========================================
+ Hits         9852    10046     +194     
- Misses        395      400       +5     
- Partials      120      124       +4

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

codecov[bot] avatar Oct 14 '24 10:10 codecov[bot]