kyberk2so

package module
v0.2.3 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 30, 2023 License: MIT Imports: 3 Imported by: 3

README

Kyber-K2SO

Kyber-K2SO GoDoc Go Report Card GitHub

Kyber-K2SO is Symbolic Software's clean implementation of the Kyber IND-CCA2-secure key encapsulation mechanism (KEM), whose security is based on the hardness of solving the learning-with-errors (LWE) problem over module lattices. Kyber is the winning candidate algorithm, of those submitted to the NIST post-quantum cryptography project.

Security Disclaimer

🚨 Extensive effort has been undertaken in order to ensure the correctness, interoperability, safety and reliability of this library. Furthermore, it is unlikely that the API will change in the future. While this library is likely ready for production use, it is offered as-is, and without a guarantee.

Features & Usage

Keeping in mind the Security Disclaimer above, Kyber-K2SO appears to be appropriate for use in any environment supported by Go: client-side application, server-side applications and more. All operations take no more than a few milliseconds on regular computing hardware.

Features
  • Small, easy to read code. Kyber-K2SO is to our knowledge the smallest implementation of Kyber Version 3.
  • Simple API. KemKeypair768() to generate a private key and a public key, KemEncrypt768(publicKey) generate and encrypt a shared secret, and KemDecrypt768(ciphertext, privateKey) to decrypt the shared secret. Aside from Kyber-768, Kyber-512 and Kyber-1024 are also offered.
  • Good performance. Kyber-K2SO is more than fast enough for regular usage in any environment supported by the Go programming language.
  • Constant time (probably). As far as we can tell, decryption appears to perform in constant time. Further analysis is encouraged.
Using Kyber-K2SO
go get -u github.com/symbolicsoft/kyber-k2so

package main

import (
	kyberk2so "github.com/symbolicsoft/kyber-k2so"
)

func main() {
	privateKey, publicKey, _ := kyberk2so.KemKeypair768()
	ciphertext, ssA, _ := kyberk2so.KemEncrypt768(publicKey)
	ssB, _ := kyberk2so.KemDecrypt768(ciphertext, privateKey)
}

Replace 768 with 512 or 1024 in the above function names in order to call Kyber-512 or Kyber-1024 instead of Kyber-768.

Running Tests
> go test -v

=== RUN   TestVectors512
--- PASS: TestVectors512 (0.01s)
=== RUN   TestVectors768
--- PASS: TestVectors768 (0.01s)
=== RUN   TestVectors1024
--- PASS: TestVectors1024 (0.01s)
=== RUN   TestSelf512
--- PASS: TestSelf512 (0.19s)
=== RUN   TestSelf768
--- PASS: TestSelf768 (0.30s)
=== RUN   TestSelf1024
--- PASS: TestSelf1024 (0.46s)
PASS
ok  	github.com/symbolicsoft/kyber-k2so	1.140s
Running Benchmarks
> go test -bench=.

goos: linux
goarch: amd64
pkg: github.com/symbolicsoft/kyber-k2so
BenchmarkKemKeypair512-8    	   28116	     41519 ns/op
BenchmarkKemKeypair768-8    	   15864	     74150 ns/op
BenchmarkKemKeypair1024-8   	   10000	    105946 ns/op
BenchmarkKemEncrypt512-8    	   21409	     56336 ns/op
BenchmarkKemEncrypt768-8    	   13629	     87541 ns/op
BenchmarkKemEncrypt1024-8   	    9987	    131054 ns/op
BenchmarkKemDecrypt512-8    	   17650	     65348 ns/op
BenchmarkKemDecrypt768-8    	   12352	     99300 ns/op
BenchmarkKemDecrypt1024-8   	    8913	    140804 ns/op
PASS
ok  	github.com/symbolicsoft/kyber-k2so	16.180s

About Kyber-K2SO

Kyber-K2SO is published by Symbolic Software under the MIT License.

Kyber-K2SO originally implemented Kyber version 2. Kyber-K2SO was subsequently updated in version 0.1.0 to implement Kyber version 3 thanks to work contributed by Anton Tutoveanu in March 2021.

We thank Peter Schwabe for his feedback during the development of this implementation.

Documentation

Overview

Package kyberk2so provides a clean implementation of the Kyber IND-CCA2-secure key encapsulation mechanism (KEM), whose security is based on the hardness of solving the learning-with-errors (LWE) problem over module lattices.

Index

Constants

View Source 
const Kyber1024CTBytes int = paramsPolyvecCompressedBytesK1024 + paramsPolyCompressedBytesK1024

Kyber1024CTBytes is a constant representing the byte length of ciphertexts in Kyber-1024.

View Source 
const Kyber1024PKBytes int = paramsPolyvecBytesK1024 + paramsSymBytes

Kyber1024PKBytes is a constant representing the byte length of public keys in Kyber-1024.

View Source 
const Kyber1024SKBytes int = paramsPolyvecBytesK1024 + ((paramsPolyvecBytesK1024 + paramsSymBytes) + 2*paramsSymBytes)

Kyber1024SKBytes is a constant representing the byte length of private keys in Kyber-1024.

View Source 
const Kyber512CTBytes int = paramsPolyvecCompressedBytesK512 + paramsPolyCompressedBytesK512

Kyber512CTBytes is a constant representing the byte length of ciphertexts in Kyber-512.

View Source 
const Kyber512PKBytes int = paramsPolyvecBytesK512 + paramsSymBytes

Kyber512PKBytes is a constant representing the byte length of public keys in Kyber-512.

View Source 
const Kyber512SKBytes int = paramsPolyvecBytesK512 + ((paramsPolyvecBytesK512 + paramsSymBytes) + 2*paramsSymBytes)

Kyber512SKBytes is a constant representing the byte length of private keys in Kyber-512.

View Source 
const Kyber768CTBytes int = paramsPolyvecCompressedBytesK768 + paramsPolyCompressedBytesK768

Kyber768CTBytes is a constant representing the byte length of ciphertexts in Kyber-768.

View Source 
const Kyber768PKBytes int = paramsPolyvecBytesK768 + paramsSymBytes

Kyber768PKBytes is a constant representing the byte length of public keys in Kyber-768.

View Source 
const Kyber768SKBytes int = paramsPolyvecBytesK768 + ((paramsPolyvecBytesK768 + paramsSymBytes) + 2*paramsSymBytes)

Kyber768SKBytes is a constant representing the byte length of private keys in Kyber-768.

View Source 
const KyberSSBytes int = 32

KyberSSBytes is a constant representing the byte length of shared secrets in Kyber.

Variables

This section is empty.

Functions

func KemDecrypt1024 added in v0.0.4 

func KemDecrypt1024(
	ciphertext [Kyber1024CTBytes]byte,
	privateKey [Kyber1024SKBytes]byte,
) ([KyberSSBytes]byte, error)

KemDecrypt1024 takes a ciphertext (from KeyEncrypt1024), a private key (from KemKeypair1024) and returns a 32-byte shared secret. An accompanying error is returned if no sufficient randomness could be obtained from the system.

func KemDecrypt512 added in v0.0.4 

func KemDecrypt512(
	ciphertext [Kyber512CTBytes]byte,
	privateKey [Kyber512SKBytes]byte,
) ([KyberSSBytes]byte, error)

KemDecrypt512 takes a ciphertext (from KeyEncrypt512), a private key (from KemKeypair512) and returns a 32-byte shared secret. An accompanying error is returned if no sufficient randomness could be obtained from the system.

func KemDecrypt768 added in v0.0.4 

func KemDecrypt768(
	ciphertext [Kyber768CTBytes]byte,
	privateKey [Kyber768SKBytes]byte,
) ([KyberSSBytes]byte, error)

KemDecrypt768 takes a ciphertext (from KeyEncrypt768), a private key (from KemKeypair768) and returns a 32-byte shared secret. An accompanying error is returned if no sufficient randomness could be obtained from the system.

func KemEncrypt1024 added in v0.0.4 

func KemEncrypt1024(publicKey [Kyber1024PKBytes]byte) (
	[Kyber1024CTBytes]byte, [KyberSSBytes]byte, error,
)

KemEncrypt1024 takes a public key (from KemKeypair1024) as input and returns a ciphertext and a 32-byte shared secret. An accompanying error is returned if no sufficient randomness could be obtained from the system.

func KemEncrypt512 added in v0.0.4 

func KemEncrypt512(publicKey [Kyber512PKBytes]byte) (
	[Kyber512CTBytes]byte, [KyberSSBytes]byte, error,
)

KemEncrypt512 takes a public key (from KemKeypair512) as input and returns a ciphertext and a 32-byte shared secret. An accompanying error is returned if no sufficient randomness could be obtained from the system.

func KemEncrypt768 added in v0.0.4 

func KemEncrypt768(publicKey [Kyber768PKBytes]byte) (
	[Kyber768CTBytes]byte, [KyberSSBytes]byte, error,
)

KemEncrypt768 takes a public key (from KemKeypair768) as input and returns a ciphertext and a 32-byte shared secret. An accompanying error is returned if no sufficient randomness could be obtained from the system.

func KemKeypair1024 added in v0.0.4 

func KemKeypair1024() ([Kyber1024SKBytes]byte, [Kyber1024PKBytes]byte, error)

KemKeypair1024 returns a Kyber-1024 private key and a corresponding Kyber-1024 public key. An accompanying error is returned if no sufficient randomness could be obtained from the system.

func KemKeypair512 added in v0.0.4 

func KemKeypair512() ([Kyber512SKBytes]byte, [Kyber512PKBytes]byte, error)

KemKeypair512 returns a Kyber-512 private key and a corresponding Kyber-512 public key. An accompanying error is returned if no sufficient randomness could be obtained from the system.

func KemKeypair768 added in v0.0.4 

func KemKeypair768() ([Kyber768SKBytes]byte, [Kyber768PKBytes]byte, error)

KemKeypair768 returns a Kyber-768 private key and a corresponding Kyber-768 public key. An accompanying error is returned if no sufficient randomness could be obtained from the system.

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.