Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

bounty: AES-GCM #140

Closed
4 tasks done
0xJepsen opened this issue Aug 9, 2024 · 8 comments · Fixed by #157
Closed
4 tasks done

bounty: AES-GCM #140

0xJepsen opened this issue Aug 9, 2024 · 8 comments · Fixed by #157
Assignees

Comments

@0xJepsen
Copy link
Contributor

0xJepsen commented Aug 9, 2024

Advanced Encryption Standard: Galois Counter Mode (AES-GCM)

AES-GCM is a block cipher mode of operation for the AES block cipher that is, specifically, counter mode. The effect is that the block cipher becomes a stream cipher.

CTR (Counter) mode: Provides confidentiality.
GCM (Galois/Counter Mode): Provides both confidentiality and authentication.
For Clarity AES-GCM depends is a specification depending upon the counter mode of operation of AES (AES-CTR) and thus counter mode support is required for the completion of this bounty. That being said Ronkathon already has an AES implementation that should be utilized for this so the AES algorithm doesn't need to be implemented.

Requirements

Resources

Criteria

For timely submissions of bounties that meet the implementation requirements, a bounty of at least $250 will be awarded to the contributor. Additional bounty amounts are available and will be rewarded based on the following criteria:

  • Correctness and security: Thorough convincing that both implementations are completely correct and secure. All requirements must be met.
  • Code clarity and quality: Succinct, easy-to-follow code with appropriate naming conventions. Utilize Rust's type system for flexibility and security (e.g., compile-time checks where possible). Avoid external crates. Optimizations should be a lower priority than clarity, but can be included behind a feature flag as a bonus.
  • Documentation quality: Provide comprehensive READMEs, Cargo docs, and inline comments where code itself is not self-explanatory. Remember that ronkathon is primarily an educational toolbox, so prioritize clarity and readability to facilitate learning.
  • Comparison and vulnerability analysis: As a bonus, include a brief comparison of AES-CTR and AES-GCM, highlighting their strengths, weaknesses, and appropriate use cases. This will enhance the educational value of the implementation. Can you show where either of the two are vulnerable? Hint
@0xJepsen 0xJepsen pinned this issue Aug 9, 2024
@0xJepsen 0xJepsen changed the title Bounty: AES-GCM Bounty: # Advanced Encryption Standard: Galio Counter Mode Aug 9, 2024
@0xJepsen 0xJepsen changed the title Bounty: # Advanced Encryption Standard: Galio Counter Mode Bounty: Advanced Encryption Standard: Galois Counter Mode Aug 9, 2024
@0xJepsen 0xJepsen changed the title Bounty: Advanced Encryption Standard: Galois Counter Mode Bounty: AES-GCM Aug 9, 2024
@mrdaybird
Copy link
Contributor

Randomly came across this bounty on github feed but I couldn't find any info about bounty program at ronkathon. Is this open to public? asking because this looks interesting to work on!

@0xJepsen
Copy link
Contributor Author

Randomly came across this bounty on github feed but I couldn't find any info about bounty program at ronkathon. Is this open to public? asking because this looks interesting to work on!

We had created the bounty as a party of an event called zkhack. @devloper are we open to continuing the bounty?

@0xJepsen
Copy link
Contributor Author

Randomly came across this bounty on github feed but I couldn't find any info about bounty program at ronkathon. Is this open to public? asking because this looks interesting to work on!

We are working on a more general bounty process to reward contributors and hope to have some more information available soon

@brunny-eth
Copy link
Contributor

@mrdaybird -- we're opening up bounties for contributors! if you'd like to take a crack at this one, feel free to assign it to yourself and get started 😄

@brunny-eth brunny-eth unpinned this issue Sep 10, 2024
@mrdaybird
Copy link
Contributor

@brunny-eth Awesome! I would love to do this over the weekend. Please assign it to me if that's okay!

@brunny-eth
Copy link
Contributor

assigned to you ser @mrdaybird

@brunny-eth brunny-eth changed the title Bounty: AES-GCM bounty: AES-GCM Sep 11, 2024
@mrdaybird
Copy link
Contributor

mrdaybird commented Sep 24, 2024

@brunny-eth I think I have completed all the requirements for this bounty! (with PR #157 #158 and #159)
We now have an implementation of GCM+GHASH, and an improved modes of operation readme.
I hope that everything look good!

EDIT: added PR #159 along with others

@brunny-eth
Copy link
Contributor

sounds good -- standby, @mrdaybird, we will get back to you very shortly 🫡

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

3 participants