Portable C implementations of the AEGIS family of high-performance authenticated ciphers (AEGIS-128L, AEGIS-128X2, AEGIS-128X4, AEGIS-256, AEGIS-256X2, AEGIS-256X4), with runtime CPU detection.
Note that the compiler makes a difference. Zig (or a recent clang
with target-specific options such as -march=native
) produces more efficient code than gcc
.
zig
:zig build -Drelease
The library and headers are installed in the zig-out
folder.
To favor performance over side-channel mitigations on devices without hardware acceleration, add -Dfavor-performance
:
zig build -Drelease -Dfavor-performance
A benchmark can also be built with the -Dwith-benchmark
option:
zig build -Drelease -Dfavor-performance -Dwith-benchmark
libaegis
doesn't need WASI nor any extension to work on WebAssembly. The wasm32-freestanding
target is fully supported.
WebAssembly extensions such as bulk_memory
and simd128
can be enabled by adding -Dcpu=baseline+bulk_memory+simd128
to the command line.
cmake
:mkdir build
cd build
cmake -DCMAKE_INSTALL_PREFIX=/install/prefix ..
make install
To favor performance over side-channel mitigations on devices without hardware acceleration, add -DFAVOR_PERFORMANCE
.
Copy everything in src
directly into your project, and compile everything like regular C code. No special configuration is required.
Include <aegis.h>
and call aegis_init()
prior to doing anything else with the library.
aegis_init()
checks the CPU capabilities in order to later use the fastest implementations.
aegis
is a set of bindings for Rust.fizz
is Facebook's implementation of TLS 1.3.picotls
is a TLS 1.3 implementation in C, with support for the AEGIS cipher suites.h2o
is an HTTP/{1,2,3} server with support for the AEGIS cipher suites.Other AEGIS implementations are also available for most programming languages.
AEGIS is very fast on CPUs with parallel execution pipelines and AES support.