{"id":26509632,"url":"https://github.com/ppad-tech/aead","last_synced_at":"2025-08-25T20:05:16.817Z","repository":{"id":281793846,"uuid":"946423980","full_name":"ppad-tech/aead","owner":"ppad-tech","description":"Haskell AEAD-ChaCha20-Poly1305","archived":false,"fork":false,"pushed_at":"2025-06-22T18:54:12.000Z","size":79,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-08-25T20:05:15.899Z","etag":null,"topics":["aead","chacha20","cryptography","haskell","poly1305"],"latest_commit_sha":null,"homepage":"","language":"Haskell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ppad-tech.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-03-11T05:45:45.000Z","updated_at":"2025-06-22T18:54:15.000Z","dependencies_parsed_at":"2025-03-11T07:33:13.567Z","dependency_job_id":"1a9fe514-208a-4900-a1b3-4e6a19cd9ae4","html_url":"https://github.com/ppad-tech/aead","commit_stats":null,"previous_names":["ppad-tech/aead"],"tags_count":2,"template":false,"template_full_name":null,"purl":"pkg:github/ppad-tech/aead","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ppad-tech%2Faead","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ppad-tech%2Faead/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ppad-tech%2Faead/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ppad-tech%2Faead/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ppad-tech","download_url":"https://codeload.github.com/ppad-tech/aead/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ppad-tech%2Faead/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":272124753,"owners_count":24877720,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-25T02:00:12.092Z","response_time":1107,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["aead","chacha20","cryptography","haskell","poly1305"],"created_at":"2025-03-21T01:19:55.755Z","updated_at":"2025-08-25T20:05:16.752Z","avatar_url":"https://github.com/ppad-tech.png","language":"Haskell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# aead\n\n[![](https://img.shields.io/hackage/v/ppad-aead?color=blue)](https://hackage.haskell.org/package/ppad-aead)\n![](https://img.shields.io/badge/license-MIT-brightgreen)\n[![](https://img.shields.io/badge/haddock-aead-lightblue)](https://docs.ppad.tech/aead)\n\nA pure Haskell implementation of authenticated encryption with\nassociated data (AEAD) using the ChaCha20-Poly1305 configuration, as\nspecified by [RFC8439][8439].\n\n## Usage\n\nA sample GHCi session:\n\n```\n  \u003e :set -XOverloadedStrings\n  \u003e import qualified Data.ByteString.Base16 as B16 -- just for illustration\n  \u003e\n  \u003e -- import qualified\n  \u003e import qualified Crypto.AEAD.ChaCha20Poly1305 as AEAD\n  \u003e\n  \u003e -- encrypt plaintext with some additional authenticated data, using\n  \u003e -- a secret key and nonce\n  \u003e let key = \"don't tell anyone my secret key!\"\n  \u003e let non = \"or my nonce!\"\n  \u003e let msg = \"this is my secret message\"\n  \u003e let aad = \"and i approve it\"\n  \u003e\n  \u003e -- encryption produces a 128-bit MAC\n  \u003e let Right (cip, mac) = AEAD.encrypt aad key non msg\n  \u003e B16.encode cip\n  \"d6377eab18cad56e8c6176968460e6a548c524b9498c9b993e\"\n  \u003e B16.encode mac\n  \"48751cc57cf5123bc841239c7d563da0\"\n  \u003e\n  \u003e -- supply both to decrypt\n  \u003e AEAD.decrypt aad key non (cip, tag)\n  Right \"this is my secret message\"\n  \u003e\n  \u003e -- bogus MACs will cause decryption to fail\n  \u003e AEAD.decrypt aad key non (cip, \"really i swear!!\")\n  Left InvalidMAC\n```\n\n## Documentation\n\nHaddocks (API documentation, etc.) are hosted at\n[docs.ppad.tech/aead][hadoc].\n\n## Performance\n\nThe aim is best-in-class performance for pure, highly-auditable Haskell\ncode.\n\nCurrent benchmark figures on a simple input from the RFC8439 appendices\non an M4 Silicon MacBook Air look like (use `cabal bench` to run the\nbenchmark suite):\n\n```\n  benchmarking ppad-aead/encrypt\n  time                 10.03 μs   (10.02 μs .. 10.03 μs)\n                       1.000 R²   (1.000 R² .. 1.000 R²)\n  mean                 10.04 μs   (10.04 μs .. 10.05 μs)\n  std dev              9.024 ns   (7.330 ns .. 11.99 ns)\n\n  benchmarking ppad-aead/decrypt\n  time                 10.06 μs   (10.05 μs .. 10.07 μs)\n                       1.000 R²   (1.000 R² .. 1.000 R²)\n  mean                 10.07 μs   (10.06 μs .. 10.08 μs)\n  std dev              26.50 ns   (21.66 ns .. 32.02 ns)\n```\n\n## Security\n\nThis library aims at the maximum security achievable in a\ngarbage-collected language under an optimizing compiler such as GHC, in\nwhich strict constant-timeness can be [challenging to achieve][const].\n\nNote that *at present* we use GHC's native variable-length Integer\ntype internally (relevant to Poly1305 MAC handling), and make no \"hard\"\nguarantees of constant-time execution.\n\nThe AEAD-ChaCha20-Poly1305 implementation within passes all\ntest vectors from RFC8439, as well as the available [Project\nWycheproof vectors][wyche], using the ChaCha20 cipher from\n[ppad-chacha](https://github.com/ppad-tech/chacha) and the Poly1305\nMAC from [ppad-poly1305](https://github.com/ppad-tech/poly1305),\nrespectively.\n\nIf you discover any vulnerabilities, please disclose them via\nsecurity@ppad.tech.\n\n## Development\n\nYou'll require [Nix][nixos] with [flake][flake] support enabled. Enter a\ndevelopment shell with:\n\n```\n$ nix develop\n```\n\nThen do e.g.:\n\n```\n$ cabal repl ppad-aead\n```\n\nto get a REPL for the main library.\n\n[8439]: https://datatracker.ietf.org/doc/html/rfc8439\n[nixos]: https://nixos.org/\n[flake]: https://nixos.org/manual/nix/unstable/command-ref/new-cli/nix3-flake.html\n[hadoc]: https://docs.ppad.tech/aead\n[const]: https://www.chosenplaintext.ca/articles/beginners-guide-constant-time-cryptography.html\n[wyche]: https://github.com/C2SP/wycheproof\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fppad-tech%2Faead","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fppad-tech%2Faead","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fppad-tech%2Faead/lists"}