Documentation ¶
Overview ¶
Package circl provides a collection of cryptographic primitives. The goal of this module is to be used as a tool for experimental deployment of cryptographic algorithms targeting Post-Quantum (PQ) and Elliptic Curve Cryptography (ECC).
Following blog post describes ideas behind CIRCL in more details: https://blog.cloudflare.com/introducing-circl/
Directories ¶
Path | Synopsis |
---|---|
Package abe provides Attribute-based data encryption algorithms.
|
Package abe provides Attribute-based data encryption algorithms. |
cpabe
Package cpabe provides Ciphertext-Policy Attribute-based Encryption algorithms.
|
Package cpabe provides Ciphertext-Policy Attribute-based Encryption algorithms. |
cpabe/tkn20
Package tkn20 implements a ciphertext-policy ABE by Tomida, Kawahara, Nishimaki.
|
Package tkn20 implements a ciphertext-policy ABE by Tomida, Kawahara, Nishimaki. |
Package blindsign provides blind signature schemes.
|
Package blindsign provides blind signature schemes. |
blindrsa
Package blindrsa implements the RSA Blind Signature Protocol as defined in [RFC9474].
|
Package blindrsa implements the RSA Blind Signature Protocol as defined in [RFC9474]. |
blindrsa/partiallyblindrsa
Package partiallyblindrsa implements a partially blind RSA protocol.
|
Package partiallyblindrsa implements a partially blind RSA protocol. |
Package cipher provides data encryption algorithms.
|
Package cipher provides data encryption algorithms. |
ascon
Package ascon provides ASCON family of light-weight AEAD ciphers.
|
Package ascon provides ASCON family of light-weight AEAD ciphers. |
Package dh provides variety of Diffie-Hellman key exchange methods.
|
Package dh provides variety of Diffie-Hellman key exchange methods. |
csidh
Package csidh implements commutative supersingular isogeny-based Diffie-Hellman key exchange algorithm (CSIDH) resulting from the group action.
|
Package csidh implements commutative supersingular isogeny-based Diffie-Hellman key exchange algorithm (CSIDH) resulting from the group action. |
curve4q
Package curve4q implements Diffie-Hellman operations using the FourQ curve at the 128-bit security level.
|
Package curve4q implements Diffie-Hellman operations using the FourQ curve at the 128-bit security level. |
sidh
Package sidh is deprecated, it provides SIDH and SIKE key encapsulation mechanisms.
|
Package sidh is deprecated, it provides SIDH and SIKE key encapsulation mechanisms. |
sidh/internal/common
Package common provides types, variables, constants and functions commonly used in SIDH or SIKE.
|
Package common provides types, variables, constants and functions commonly used in SIDH or SIKE. |
sidh/internal/p503
Package p503 provides implementation of field arithmetic used in SIDH and SIKE.
|
Package p503 provides implementation of field arithmetic used in SIDH and SIKE. |
sidh/internal/p751
Package p751 provides implementation of field arithmetic used in SIDH and SIKE.
|
Package p751 provides implementation of field arithmetic used in SIDH and SIKE. |
x25519
Package x25519 provides Diffie-Hellman functions as specified in RFC-7748.
|
Package x25519 provides Diffie-Hellman functions as specified in RFC-7748. |
x448
Package x448 provides Diffie-Hellman functions as specified in RFC-7748.
|
Package x448 provides Diffie-Hellman functions as specified in RFC-7748. |
Package ecc provides implementation of arithmetic on some elliptic curves.
|
Package ecc provides implementation of arithmetic on some elliptic curves. |
bls12381
Package bls12381 provides bilinear pairings using the BLS12-381 curve.
|
Package bls12381 provides bilinear pairings using the BLS12-381 curve. |
bls12381/ff
Package ff provides finite fields of characteristic P381.
|
Package ff provides finite fields of characteristic P381. |
fourq
Package fourq provides elliptic curve operations over FourQ curve.
|
Package fourq provides elliptic curve operations over FourQ curve. |
goldilocks
Package goldilocks provides elliptic curve operations over the goldilocks curve.
|
Package goldilocks provides elliptic curve operations over the goldilocks curve. |
p384
Package p384 provides optimized elliptic curve operations on the P-384 curve.
|
Package p384 provides optimized elliptic curve operations on the P-384 curve. |
Package expander generates arbitrary bytes from an XOF or Hash function.
|
Package expander generates arbitrary bytes from an XOF or Hash function. |
Package group provides prime-order groups based on elliptic curves.
|
Package group provides prime-order groups based on elliptic curves. |
Package hpke implements the Hybrid Public Key Encryption (HPKE) standard specified by draft-irtf-cfrg-hpke-07.
|
Package hpke implements the Hybrid Public Key Encryption (HPKE) standard specified by draft-irtf-cfrg-hpke-07. |
internal
|
|
nist
Package nist implements helpers to generate NIST's Known Answer Tests (KATs).
|
Package nist implements helpers to generate NIST's Known Answer Tests (KATs). |
sha3
Package sha3 implements the SHA-3 fixed-output-length hash functions and the SHAKE variable-output-length hash functions defined by FIPS-202.
|
Package sha3 implements the SHA-3 fixed-output-length hash functions and the SHAKE variable-output-length hash functions defined by FIPS-202. |
Package kem provides a unified interface for KEM schemes.
|
Package kem provides a unified interface for KEM schemes. |
frodo
Package frodo provides the key encapsulation mechanism FrodoKEM.
|
Package frodo provides the key encapsulation mechanism FrodoKEM. |
frodo/frodo640shake
Package frodo640shake implements the variant FrodoKEM-640 with SHAKE.
|
Package frodo640shake implements the variant FrodoKEM-640 with SHAKE. |
hybrid
Package hybrid defines several hybrid classical/quantum KEMs.
|
Package hybrid defines several hybrid classical/quantum KEMs. |
kyber
Package kyber implements the CRYSTALS-Kyber.CCAKEM IND-CCA2 secure key encapsulation mechanism (KEM) as submitted to round 3 of the NIST PQC competition and described in
|
Package kyber implements the CRYSTALS-Kyber.CCAKEM IND-CCA2 secure key encapsulation mechanism (KEM) as submitted to round 3 of the NIST PQC competition and described in |
kyber/kyber1024
Package kyber1024 implements the IND-CCA2 secure key encapsulation mechanism Kyber1024.CCAKEM as submitted to round 3 of the NIST PQC competition and described in
|
Package kyber1024 implements the IND-CCA2 secure key encapsulation mechanism Kyber1024.CCAKEM as submitted to round 3 of the NIST PQC competition and described in |
kyber/kyber512
Package kyber512 implements the IND-CCA2 secure key encapsulation mechanism Kyber512.CCAKEM as submitted to round 3 of the NIST PQC competition and described in
|
Package kyber512 implements the IND-CCA2 secure key encapsulation mechanism Kyber512.CCAKEM as submitted to round 3 of the NIST PQC competition and described in |
kyber/kyber768
Package kyber768 implements the IND-CCA2 secure key encapsulation mechanism Kyber768.CCAKEM as submitted to round 3 of the NIST PQC competition and described in
|
Package kyber768 implements the IND-CCA2 secure key encapsulation mechanism Kyber768.CCAKEM as submitted to round 3 of the NIST PQC competition and described in |
mceliece/mceliece348864
Package mceliece348864 implements the IND-CCA2 secure key encapsulation mechanism mceliece348864 as submitted to round 4 of the NIST PQC competition and described in
|
Package mceliece348864 implements the IND-CCA2 secure key encapsulation mechanism mceliece348864 as submitted to round 4 of the NIST PQC competition and described in |
mceliece/mceliece348864f
Package mceliece348864f implements the IND-CCA2 secure key encapsulation mechanism mceliece348864f as submitted to round 4 of the NIST PQC competition and described in
|
Package mceliece348864f implements the IND-CCA2 secure key encapsulation mechanism mceliece348864f as submitted to round 4 of the NIST PQC competition and described in |
mceliece/mceliece460896
Package mceliece460896 implements the IND-CCA2 secure key encapsulation mechanism mceliece460896 as submitted to round 4 of the NIST PQC competition and described in
|
Package mceliece460896 implements the IND-CCA2 secure key encapsulation mechanism mceliece460896 as submitted to round 4 of the NIST PQC competition and described in |
mceliece/mceliece460896f
Package mceliece460896f implements the IND-CCA2 secure key encapsulation mechanism mceliece460896f as submitted to round 4 of the NIST PQC competition and described in
|
Package mceliece460896f implements the IND-CCA2 secure key encapsulation mechanism mceliece460896f as submitted to round 4 of the NIST PQC competition and described in |
mceliece/mceliece6688128
Package mceliece6688128 implements the IND-CCA2 secure key encapsulation mechanism mceliece6688128 as submitted to round 4 of the NIST PQC competition and described in
|
Package mceliece6688128 implements the IND-CCA2 secure key encapsulation mechanism mceliece6688128 as submitted to round 4 of the NIST PQC competition and described in |
mceliece/mceliece6688128f
Package mceliece6688128f implements the IND-CCA2 secure key encapsulation mechanism mceliece6688128f as submitted to round 4 of the NIST PQC competition and described in
|
Package mceliece6688128f implements the IND-CCA2 secure key encapsulation mechanism mceliece6688128f as submitted to round 4 of the NIST PQC competition and described in |
mceliece/mceliece6960119
Package mceliece6960119 implements the IND-CCA2 secure key encapsulation mechanism mceliece6960119 as submitted to round 4 of the NIST PQC competition and described in
|
Package mceliece6960119 implements the IND-CCA2 secure key encapsulation mechanism mceliece6960119 as submitted to round 4 of the NIST PQC competition and described in |
mceliece/mceliece6960119f
Package mceliece6960119f implements the IND-CCA2 secure key encapsulation mechanism mceliece6960119f as submitted to round 4 of the NIST PQC competition and described in
|
Package mceliece6960119f implements the IND-CCA2 secure key encapsulation mechanism mceliece6960119f as submitted to round 4 of the NIST PQC competition and described in |
mceliece/mceliece8192128
Package mceliece8192128 implements the IND-CCA2 secure key encapsulation mechanism mceliece8192128 as submitted to round 4 of the NIST PQC competition and described in
|
Package mceliece8192128 implements the IND-CCA2 secure key encapsulation mechanism mceliece8192128 as submitted to round 4 of the NIST PQC competition and described in |
mceliece/mceliece8192128f
Package mceliece8192128f implements the IND-CCA2 secure key encapsulation mechanism mceliece8192128f as submitted to round 4 of the NIST PQC competition and described in
|
Package mceliece8192128f implements the IND-CCA2 secure key encapsulation mechanism mceliece8192128f as submitted to round 4 of the NIST PQC competition and described in |
schemes
Package schemes contains a register of KEM schemes.
|
Package schemes contains a register of KEM schemes. |
sike
Package sike is deprecated, it contains the SIKE key encapsulation mechanism.
|
Package sike is deprecated, it contains the SIKE key encapsulation mechanism. |
sike/sikep434
Package sikep434 is deprecated, it implements the key encapsulation mechanism SIKEp434.
|
Package sikep434 is deprecated, it implements the key encapsulation mechanism SIKEp434. |
sike/sikep503
Package sikep503 is deprecated, it implements the key encapsulation mechanism SIKEp503.
|
Package sikep503 is deprecated, it implements the key encapsulation mechanism SIKEp503. |
sike/sikep751
Package sikep751 is deprecated, it implements the key encapsulation mechanism SIKEp751.
|
Package sikep751 is deprecated, it implements the key encapsulation mechanism SIKEp751. |
Package math provides some utility functions for big integers.
|
Package math provides some utility functions for big integers. |
fp25519
Package fp25519 provides prime field arithmetic over GF(2^255-19).
|
Package fp25519 provides prime field arithmetic over GF(2^255-19). |
fp448
Package fp448 provides prime field arithmetic over GF(2^448-2^224-1).
|
Package fp448 provides prime field arithmetic over GF(2^448-2^224-1). |
gf2e12
Package gf2e12 provides finite field arithmetic over GF(2^12).
|
Package gf2e12 provides finite field arithmetic over GF(2^12). |
gf2e13
Package gf2e13 provides finite field arithmetic over GF(2^13).
|
Package gf2e13 provides finite field arithmetic over GF(2^13). |
mlsbset
Package mlsbset provides a constant-time exponentiation method with precomputation.
|
Package mlsbset provides a constant-time exponentiation method with precomputation. |
polynomial
Package polynomial provides representations of polynomials over the scalars of a group.
|
Package polynomial provides representations of polynomials over the scalars of a group. |
Package oprf provides Verifiable, Oblivious Pseudo-Random Functions.
|
Package oprf provides Verifiable, Oblivious Pseudo-Random Functions. |
Package ot provides oblivious-transfer protocols.
|
Package ot provides oblivious-transfer protocols. |
Package pke provides a variety of public key encryption mechanisms.
|
Package pke provides a variety of public key encryption mechanisms. |
kyber
Package kyber implements the CRYSTALS-Kyber.CPAPKE public key encryption as submitted to round 3 of the NIST PQC competition and described in
|
Package kyber implements the CRYSTALS-Kyber.CPAPKE public key encryption as submitted to round 3 of the NIST PQC competition and described in |
kyber/kyber1024
kyber1024 implements the IND-CPA-secure Public Key Encryption scheme Kyber1024.CPAPKE as submitted to round 3 of the NIST PQC competition and described in
|
kyber1024 implements the IND-CPA-secure Public Key Encryption scheme Kyber1024.CPAPKE as submitted to round 3 of the NIST PQC competition and described in |
kyber/kyber512
kyber512 implements the IND-CPA-secure Public Key Encryption scheme Kyber512.CPAPKE as submitted to round 3 of the NIST PQC competition and described in
|
kyber512 implements the IND-CPA-secure Public Key Encryption scheme Kyber512.CPAPKE as submitted to round 3 of the NIST PQC competition and described in |
kyber/kyber768
kyber768 implements the IND-CPA-secure Public Key Encryption scheme Kyber768.CPAPKE as submitted to round 3 of the NIST PQC competition and described in
|
kyber768 implements the IND-CPA-secure Public Key Encryption scheme Kyber768.CPAPKE as submitted to round 3 of the NIST PQC competition and described in |
Package sign provides unified interfaces for signature schemes.
|
Package sign provides unified interfaces for signature schemes. |
dilithium
dilithium implements the CRYSTALS-Dilithium signature schemes as submitted to round3 of the NIST PQC competition and described in
|
dilithium implements the CRYSTALS-Dilithium signature schemes as submitted to round3 of the NIST PQC competition and described in |
dilithium/mode2
mode2 implements the CRYSTALS-Dilithium signature scheme Dilithium2 as submitted to round3 of the NIST PQC competition and described in
|
mode2 implements the CRYSTALS-Dilithium signature scheme Dilithium2 as submitted to round3 of the NIST PQC competition and described in |
dilithium/mode2aes
mode2aes implements the CRYSTALS-Dilithium signature scheme Dilithium2-AES as submitted to round3 of the NIST PQC competition and described in
|
mode2aes implements the CRYSTALS-Dilithium signature scheme Dilithium2-AES as submitted to round3 of the NIST PQC competition and described in |
dilithium/mode3
mode3 implements the CRYSTALS-Dilithium signature scheme Dilithium3 as submitted to round3 of the NIST PQC competition and described in
|
mode3 implements the CRYSTALS-Dilithium signature scheme Dilithium3 as submitted to round3 of the NIST PQC competition and described in |
dilithium/mode3aes
mode3aes implements the CRYSTALS-Dilithium signature scheme Dilithium3-AES as submitted to round3 of the NIST PQC competition and described in
|
mode3aes implements the CRYSTALS-Dilithium signature scheme Dilithium3-AES as submitted to round3 of the NIST PQC competition and described in |
dilithium/mode5
mode5 implements the CRYSTALS-Dilithium signature scheme Dilithium5 as submitted to round3 of the NIST PQC competition and described in
|
mode5 implements the CRYSTALS-Dilithium signature scheme Dilithium5 as submitted to round3 of the NIST PQC competition and described in |
dilithium/mode5aes
mode5aes implements the CRYSTALS-Dilithium signature scheme Dilithium5-AES as submitted to round3 of the NIST PQC competition and described in
|
mode5aes implements the CRYSTALS-Dilithium signature scheme Dilithium5-AES as submitted to round3 of the NIST PQC competition and described in |
ed25519
Package ed25519 implements Ed25519 signature scheme as described in RFC-8032.
|
Package ed25519 implements Ed25519 signature scheme as described in RFC-8032. |
ed448
Package ed448 implements Ed448 signature scheme as described in RFC-8032.
|
Package ed448 implements Ed448 signature scheme as described in RFC-8032. |
eddilithium2
Package eddilithium2 implements the hybrid signature scheme Ed25519-Dilithium2.
|
Package eddilithium2 implements the hybrid signature scheme Ed25519-Dilithium2. |
eddilithium3
Package eddilithium3 implements the hybrid signature scheme Ed448-Dilithium3.
|
Package eddilithium3 implements the hybrid signature scheme Ed448-Dilithium3. |
schemes
Package schemes contains a register of signature algorithms.
|
Package schemes contains a register of signature algorithms. |
Package simd provides parallel implementations of some primitives.
|
Package simd provides parallel implementations of some primitives. |
keccakf1600
Package keccakf1600 provides a two and four-way Keccak-f[1600] permutation in parallel.
|
Package keccakf1600 provides a two and four-way Keccak-f[1600] permutation in parallel. |
Package tss provides threshold signature schemes.
|
Package tss provides threshold signature schemes. |
rsa
Package rsa provides RSA threshold signature scheme.
|
Package rsa provides RSA threshold signature scheme. |
Package xof provides an interface for eXtendable-Output Functions.
|
Package xof provides an interface for eXtendable-Output Functions. |
k12
k12 implements the KangarooTwelve XOF.
|
k12 implements the KangarooTwelve XOF. |
Package zk provides primitives for zero-knowledge proofs of knowledge.
|
Package zk provides primitives for zero-knowledge proofs of knowledge. |
dl
Package dl provides a Schnorr NIZK discrete-log proof.
|
Package dl provides a Schnorr NIZK discrete-log proof. |
dleq
Package dleq provides zero-knowledge proofs of Discrete-Logarithm Equivalence (DLEQ).
|
Package dleq provides zero-knowledge proofs of Discrete-Logarithm Equivalence (DLEQ). |
Click to show internal directories.
Click to hide internal directories.