A fast, minimal dependency, key agreement library based on Extended Triple Diffie-Hellman protocol. It is built in Rust, is fast to compile and uses well established cryptographic libraries (Blake3, ed25519-dalek and x25519-dalek) to offer a secure and reliable key-agreement protocol.
- The
curveused isX25519 - The
hashused isBLAKE3 - The default ASCII string identifying the application
infoisX25519_BLAKE3_KEY_AGREEMENT_PROTOCOLand is specified in this library in the namespace constantx3dh_xor::INFO. - The encoding function
Encode(PK)to encode the Diffie-Hellman public keys as a byte sequence is provided by the libraryx25519-dalekon thex25519_dalek::PublicKeymethodsx25519_dalek::PublicKey::to_bytes()andx25519_dalek::PublicKey::as_bytes(). - The concatenation of byte sequences
XandYisX || Y. DH(PK1, PK2)represents a byte sequence which is the shared secret output from an Elliptic Curve Diffie-Hellman function involving the key pairs represented by public keysPK1andPK2. The Elliptic Curve Diffie- Hellman function isX25519.Sig(PK, M)represents a byte sequence that is anEd25519signature on the byte sequenceMand verifies with public keyPK, and which was created by signingMwithPK’s correspondingprivate key. The signing and verification functions forEd25519are provided by the Rust crateed25519_dalek.KDF(KM)represents 32 bytes of output from a HKDF algorithm in this case the crateblake3using the functionblake3::derive_key()with inputs: – HKDF input key material =F || KM, whereKMis an input byte sequence containing secret key material, and F is a byte sequence containing32 0xFFbytes since curve is X25519.Fis used for cryptographic domain separation withEd25519. –HKDF salt= A zero-filled byte sequence with length equal to the hash output length. –HKDF info= The info parameter from theinfoparameter outlined at number3
More changes to improve the security of secrets in memory will be made in the future. Currently this is a great proof-of-concept in creating more information security libraries in Rust