{"id":15887870,"url":"https://github.com/ecies/rs","last_synced_at":"2025-05-16T10:06:09.837Z","repository":{"id":35088342,"uuid":"201000017","full_name":"ecies/rs","owner":"ecies","description":"Elliptic Curve Integrated Encryption Scheme for secp256k1 in Rust","archived":false,"fork":false,"pushed_at":"2025-04-02T18:42:19.000Z","size":153,"stargazers_count":84,"open_issues_count":1,"forks_count":23,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-04-12T06:05:58.232Z","etag":null,"topics":["bitcoin","crates","ecies","elliptic-curves","elliptic-curves-cryptography","ethereum","rust"],"latest_commit_sha":null,"homepage":"https://ecies.org/rs","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ecies.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":"kigawas"}},"created_at":"2019-08-07T07:47:17.000Z","updated_at":"2025-04-04T22:40:19.000Z","dependencies_parsed_at":"2023-01-15T13:35:47.932Z","dependency_job_id":"af2429f3-3e05-46df-8c0d-0cefc89ee394","html_url":"https://github.com/ecies/rs","commit_stats":{"total_commits":71,"total_committers":5,"mean_commits":14.2,"dds":"0.11267605633802813","last_synced_commit":"f5ccdce375bab7b469f157cd8902085ba5e5c612"},"previous_names":[],"tags_count":16,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ecies%2Frs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ecies%2Frs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ecies%2Frs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ecies%2Frs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ecies","download_url":"https://codeload.github.com/ecies/rs/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253755888,"owners_count":21959105,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bitcoin","crates","ecies","elliptic-curves","elliptic-curves-cryptography","ethereum","rust"],"created_at":"2024-10-06T06:05:30.995Z","updated_at":"2025-05-16T10:06:09.808Z","avatar_url":"https://github.com/ecies.png","language":"Rust","readme":"# eciesrs\n\n[![Codacy Badge](https://api.codacy.com/project/badge/Grade/1c6d6ed949dd4836ab97421039e8be75)](https://app.codacy.com/gh/ecies/rs/dashboard)\n[![License](https://img.shields.io/github/license/ecies/rs.svg)](https://github.com/ecies/rs)\n[![Crates](https://img.shields.io/crates/v/ecies)](https://crates.io/crates/ecies)\n[![Recent Downloads](https://img.shields.io/crates/dr/ecies)](https://lib.rs/crates/ecies)\n[![Doc](https://docs.rs/ecies/badge.svg)](https://docs.rs/ecies/latest/ecies/)\n[![CI](https://img.shields.io/github/actions/workflow/status/ecies/rs/ci.yml)](https://github.com/ecies/rs/actions)\n[![Codecov](https://img.shields.io/codecov/c/github/ecies/rs.svg)](https://codecov.io/gh/ecies/rs)\n\nElliptic Curve Integrated Encryption Scheme for secp256k1/curve25519 in Rust, based on pure-Rust secp256k1/curve25519 implementation.\n\nECIES functionalities are built upon AES-256-GCM/XChaCha20-Poly1305 and HKDF-SHA256.\n\nThis is the Rust version of [eciesjs](https://github.com/ecies/js).\n\nThis library can be compiled to the WASM target at your option, see [WASM compatibility](#wasm-compatibility).\n\n## Quick start\n\n`no_std` is enabled by default. You can enable `std` with `std` feature.\n\n```toml\necies = {version = \"0.2\", features = [\"std\"]} # MSRV is 1.65\n```\n\n```rust\nuse ecies::{decrypt, encrypt, utils::generate_keypair};\n\nconst MSG: \u0026str = \"hello world🌍\";\nlet (sk, pk) = generate_keypair();\n#[cfg(all(not(feature = \"x25519\"), not(feature = \"ed25519\")))]\nlet (sk, pk) = (\u0026sk.serialize(), \u0026pk.serialize());\n#[cfg(feature = \"x25519\")]\nlet (sk, pk) = (sk.as_bytes(), pk.as_bytes());\n#[cfg(feature = \"ed25519\")]\nlet (sk, pk) = (\u0026sk, \u0026pk);\n\nlet msg = MSG.as_bytes();\nassert_eq!(\n    msg,\n    decrypt(sk, \u0026encrypt(pk, msg).unwrap()).unwrap().as_slice()\n);\n```\n\n## Elliptic curve configuration\n\n### Optional x25519/ed25519 support\n\nYou can choose to use x25519 (key exchange function on curve25519) or ed25519 (signature algorithm on curve25519) instead of secp256k1:\n\n```toml\necies = {version = \"0.2\", features = [\"x25519\"]} # recommended\necies = {version = \"0.2\", features = [\"ed25519\"]} # or if you know what you are doing\n```\n\n### Secp256k1-specific configuration\n\nSome behaviors can be configured by global static variable:\n\n```rust\npub struct Config {\n    pub is_ephemeral_key_compressed: bool,\n    pub is_hkdf_key_compressed: bool\n}\n```\n\nOn `is_ephemeral_key_compressed: true`, the payload would be like: `33 Bytes + AES` instead of `65 Bytes + AES`.\n\nOn `is_hkdf_key_compressed: true`, the hkdf key would be derived from `ephemeral public key (compressed) + shared public key (compressed)` instead of `ephemeral public key (uncompressed) + shared public key (uncompressed)`.\n\n```rust\nuse ecies::config::{Config, update_config};\n\nupdate_config(Config {\n    is_ephemeral_key_compressed: true,\n    is_hkdf_key_compressed: true\n});\n```\n\nFor compatibility, make sure different applications share the same configuration. Normally configuration is only updated once on initialization, if not, beware of race condition.\n\n## Symmetric cipher configuration\n\n### Optional pure Rust AES backend\n\nYou can choose to use OpenSSL implementation or [pure Rust implementation](https://github.com/RustCrypto/AEADs) of AES-256-GCM:\n\n```toml\necies = {version = \"0.2\", default-features = false, features = [\"aes-rust\"]}\n```\n\nDue to some [performance problem](https://github.com/RustCrypto/AEADs/issues/243), OpenSSL is the default backend.\n\nPure Rust implementation is sometimes useful, such as building on WASM:\n\n```bash\ncargo build --no-default-features --features aes-rust --target=wasm32-unknown-unknown\n```\n\n#### Build on x86 CPUs\n\nIf you select the pure Rust backend on modern x86 CPUs, consider building with\n\n```bash\nRUSTFLAGS=\"-Ctarget-cpu=sandybridge -Ctarget-feature=+aes,+sse2,+sse4.1,+ssse3\"\n```\n\nIt can speed up AES encryption/decryption. This would be no longer necessary when [`aes-gcm` supports automatic CPU detection](https://github.com/RustCrypto/AEADs/issues/243#issuecomment-738821935).\n\n#### Build on ARM CPUs\n\nOn ARM CPUs (like Apple), consider building with\n\n```bash\nRUSTFLAGS=\"--cfg aes_armv8\"\n```\n\n### Optional pure Rust XChaCha20-Poly1305 backend\n\nYou can also enable a pure Rust [XChaCha20-Poly1305](https://github.com/RustCrypto/AEADs/tree/master/chacha20poly1305) backend.\n\n```toml\necies = {version = \"0.2\", default-features = false, features = [\"xchacha20\"]}\n```\n\nOn ARM CPUs, enable SIMD with\n\n```bash\nRUSTFLAGS=\"--cfg chacha20_force_neon\"\n```\n\n## WASM compatibility\n\nIt's also possible to build to the `wasm32-unknown-unknown` target (or `wasm32-wasip2`) with the pure Rust backend. Check out [this repo](https://github.com/ecies/rs-wasm) for more details.\n\n## Security\n\n### Why AES-256-GCM and HKDF-SHA256\n\nAEAD scheme like AES-256-GCM should be your first option for symmetric ciphers, with unique IVs in each encryption.\n\nFor key derivation functions on shared points between two asymmetric keys, HKDFs are [proven](https://github.com/ecies/py/issues/82) to be more secure than simple hash functions like SHA256.\n\n### Why XChaCha20-Poly1305 instead of AES-256-GCM\n\nXChaCha20-Poly1305 is a competitive alternative to AES-256-GCM because it's fast and constant-time without dedicated hardware acceleration (resistant to cache-timing attacks). It also has longer nonce length to alleviate the risk of birthday attacks when nonces are generated randomly.\n\n### Cross-language compatibility\n\nAll functionalities are mutually checked among [different languages](https://github.com/ecies): Python, Rust, JavaScript and Golang.\n\n### Security audit\n\nFollowing dependencies are audited:\n\n- [aes-gcm and chacha20poly1305](https://research.nccgroup.com/2020/02/26/public-report-rustcrypto-aes-gcm-and-chacha20poly1305-implementation-review/)\n- [OpenSSL](https://ostif.org/the-ostif-and-quarkslab-audit-of-openssl-is-complete/)\n\n## Benchmark\n\nOn Mac mini M4 Pro (24 GB) on Apr 2, 2025, secp256k1 only.\n\nRust version: 1.85.0 (4d91de4e4 2025-02-17)\n\n### AES backend (OpenSSL)\n\n```bash\n$ cargo bench --no-default-features --features aes-openssl\n\nencrypt 100M            time:   [29.237 ms 29.827 ms 30.628 ms]\nFound 2 outliers among 10 measurements (20.00%)\n  1 (10.00%) low mild\n  1 (10.00%) high mild\n\nencrypt 200M            time:   [86.005 ms 88.055 ms 89.282 ms]\n\ndecrypt 100M            time:   [17.222 ms 17.568 ms 17.977 ms]\nFound 1 outliers among 10 measurements (10.00%)\n  1 (10.00%) high mild\n\ndecrypt 200M            time:   [38.884 ms 39.324 ms 39.693 ms]\nFound 1 outliers among 10 measurements (10.00%)\n  1 (10.00%) high mild\n```\n\n### AES backend (Pure Rust)\n\n```bash\n$ export RUSTFLAGS=\"--cfg aes_armv8\"\n$ cargo bench --no-default-features --features aes-rust\n\nencrypt 100M            time:   [120.40 ms 122.63 ms 127.09 ms]\nFound 1 outliers among 10 measurements (10.00%)\n  1 (10.00%) high severe\n\nencrypt 200M            time:   [253.86 ms 256.43 ms 258.01 ms]\n\ndecrypt 100M            time:   [113.73 ms 114.05 ms 114.39 ms]\n\ndecrypt 200M            time:   [236.41 ms 237.82 ms 239.12 ms]\n```\n\n### XChaCha20 backend\n\n```bash\n$ export RUSTFLAGS=\"--cfg chacha20_force_neon\"\n$ cargo bench --no-default-features --features xchacha20\n\nencrypt 100M            time:   [120.24 ms 120.98 ms 121.63 ms]\n\nencrypt 200M            time:   [257.24 ms 261.22 ms 264.06 ms]\n\ndecrypt 100M            time:   [114.39 ms 114.94 ms 116.03 ms]\n\ndecrypt 200M            time:   [238.09 ms 240.60 ms 242.55 ms]\n```\n\n## Changelog\n\nSee [CHANGELOG.md](./CHANGELOG.md).\n","funding_links":["https://github.com/sponsors/kigawas"],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fecies%2Frs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fecies%2Frs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fecies%2Frs/lists"}