Cryptographic Algorithms

Leancrypto offers various cryptographic algorithms:

• Authenticated Encryption with Associated Data

  • ChaCha20-Poly1305

  • AES-GCM

  • Ascon-AEAD128 (SP800-232)

  • Ascon Keccak 256 and 512 AEAD, see Ascon-Keccak for full specification

  • cSHAKE-based AEAD algorithm - algorithm devised with leancrypto, see cSHAKE-AEAD for full specification

  • hash-based AEAD algorithm - algorithm devised with leancrypto, see hash_crypt.c for full specification

  • KMAC-based AEAD algorithm - algorithm devised with leancrypto, see KMAC-AEAD for full specification

  • AES-based AEAD algorithm using SHA2 - see symhmac_crypt.c for full specification

  • AES-based AEAD algorithm using Keccak-based KMAC - see symkmac_crypt.c for full specification

• Pseudo Random Number Generators

  • XDRBG256 and XDRBG128 - see XDRBG specification for full specification and proof

  • XDRBG512 - see XDRBG specification for full specification

  • cSHAKE-based PRNG - see cshake_drng.c for full specification - it complies with the XDRBG specification

  • KMAC-based PRNG - see kmac_drng.c for full specification - it complies with the XDRBG specification

  • SP800-90A Hash and HMAC DRBG

  • ChaCha20-based PRNG - see https://www.chronox.de/lrng for specification

• Message Digest algorithms

  • SHA2-256, SHA2-512

  • SHA3-224, SHA3-256, SHA3-384, SHA3-512

  • SHAKE-128, SHAKE-256

  • cSHAKE-128, cSHAKE-256

  • Ascon-Hash256 (SP800-232)

  • Ascon-XOF128 (SP800-232)

• Keyed Message Digest algorithms

  • HMAC

  • KMAC

• Key Derivation Functions

  • HKDF

  • SP800-108 KDF (counter, feedback, double pipelining mode)

  • PBKDF2

• Key Encapsulation Mechanism

  • ML-KEM (Kyber) Key Encapsulation Mechanism (KEM)

  • ML-KEM (Kyber) Key Exchange Mechanism (KEX)

  • ML-KEM (Kyber) Integrated Encryption Schema (IES)

  • ML-KEM (Kyber) hybrid KEM / KEX with Curve25519 and Curve448

  • BIKE Key Encapsulation Mechanism (KEM) (deprecated as specified by original authors)

  • HQC Key Encapsulation Mechanism (KEM) (NIST round 4 winner)

• One Time Pad algorithms

  • HOTP

  • TOTP

• Signature algorithm

  • ML-DSA (Dilithium) including HashML-DSA and external Mu support

  • ML-DSA (Dilithium) hybrid signature operation with Curve25519 and Curve448

  • SLH-DSA (Sphincs+) including HashSLH-DSA with SHAKE

  • SLH-DSA (Sphincs+) including HashSLH-DSA with Ascon

• Symmetric algorithms

  • AES: ECB, CBC, CTR, KW, XTS

  • ChaCha20