kem

package
v1.4.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Aug 20, 2024 License: BSD-3-Clause Imports: 2 Imported by: 57

Documentation

Overview

Package kem provides a unified interface for KEM schemes.

A register of schemes is available in the package

github.com/cloudflare/circl/kem/schemes

Index

Constants

This section is empty.

Variables

View Source
var (
	// ErrTypeMismatch is the error used if types of, for instance, private
	// and public keys don't match
	ErrTypeMismatch = errors.New("types mismatch")

	// ErrSeedSize is the error used if the provided seed is of the wrong
	// size.
	ErrSeedSize = errors.New("wrong seed size")

	// ErrPubKeySize is the error used if the provided public key is of
	// the wrong size.
	ErrPubKeySize = errors.New("wrong size for public key")

	// ErrCiphertextSize is the error used if the provided ciphertext
	// is of the wrong size.
	ErrCiphertextSize = errors.New("wrong size for ciphertext")

	// ErrPrivKeySize is the error used if the provided private key is of
	// the wrong size.
	ErrPrivKeySize = errors.New("wrong size for private key")

	// ErrPubKey is the error used if the provided public key is invalid.
	ErrPubKey = errors.New("invalid public key")

	// ErrPrivKey is the error used if the provided private key is invalid.
	ErrPrivKey = errors.New("invalid private key")

	// ErrCipherText is the error used if the provided ciphertext is invalid.
	ErrCipherText = errors.New("invalid ciphertext")
)

Functions

This section is empty.

Types

type AuthScheme

type AuthScheme interface {
	Scheme
	AuthEncapsulate(pkr PublicKey, sks PrivateKey) (ct, ss []byte, err error)
	AuthEncapsulateDeterministically(pkr PublicKey, sks PrivateKey, seed []byte) (ct, ss []byte, err error)
	AuthDecapsulate(skr PrivateKey, ct []byte, pks PublicKey) ([]byte, error)
}

AuthScheme represents a KEM that supports authenticated key encapsulation.

type PrivateKey

type PrivateKey interface {
	// Returns the scheme for this private key
	Scheme() Scheme

	encoding.BinaryMarshaler
	Equal(PrivateKey) bool
	Public() PublicKey
}

A KEM private key

type PublicKey

type PublicKey interface {
	// Returns the scheme for this public key
	Scheme() Scheme

	encoding.BinaryMarshaler
	Equal(PublicKey) bool
}

A KEM public key

type Scheme

type Scheme interface {
	// Name of the scheme
	Name() string

	// GenerateKeyPair creates a new key pair.
	GenerateKeyPair() (PublicKey, PrivateKey, error)

	// Encapsulate generates a shared key ss for the public key and
	// encapsulates it into a ciphertext ct.
	Encapsulate(pk PublicKey) (ct, ss []byte, err error)

	// Returns the shared key encapsulated in ciphertext ct for the
	// private key sk.
	Decapsulate(sk PrivateKey, ct []byte) ([]byte, error)

	// Unmarshals a PublicKey from the provided buffer.
	UnmarshalBinaryPublicKey([]byte) (PublicKey, error)

	// Unmarshals a PrivateKey from the provided buffer.
	UnmarshalBinaryPrivateKey([]byte) (PrivateKey, error)

	// Size of encapsulated keys.
	CiphertextSize() int

	// Size of established shared keys.
	SharedKeySize() int

	// Size of packed private keys.
	PrivateKeySize() int

	// Size of packed public keys.
	PublicKeySize() int

	// DeriveKeyPair deterministically derives a pair of keys from a seed.
	// Panics if the length of seed is not equal to the value returned by
	// SeedSize.
	DeriveKeyPair(seed []byte) (PublicKey, PrivateKey)

	// Size of seed used in DeriveKey
	SeedSize() int

	// EncapsulateDeterministically generates a shared key ss for the public
	// key deterministically from the given seed and encapsulates it into
	// a ciphertext ct. If unsure, you're better off using Encapsulate().
	EncapsulateDeterministically(pk PublicKey, seed []byte) (
		ct, ss []byte, err error)

	// Size of seed used in EncapsulateDeterministically().
	EncapsulationSeedSize() int
}

A Scheme represents a specific instance of a KEM.

Directories

Path Synopsis
Package frodo provides the key encapsulation mechanism FrodoKEM.
Package frodo provides the key encapsulation mechanism FrodoKEM.
frodo640shake
Package frodo640shake implements the variant FrodoKEM-640 with SHAKE.
Package frodo640shake implements the variant FrodoKEM-640 with SHAKE.
Package hybrid defines several hybrid classical/quantum KEMs.
Package hybrid defines several hybrid classical/quantum KEMs.
Package kyber implements the CRYSTALS-Kyber.CCAKEM IND-CCA2 secure key encapsulation mechanism (KEM) as submitted to round 3 of the NIST PQC competition and described in
Package kyber implements the CRYSTALS-Kyber.CCAKEM IND-CCA2 secure key encapsulation mechanism (KEM) as submitted to round 3 of the NIST PQC competition and described in
kyber1024
Package kyber1024 implements the IND-CCA2 secure key encapsulation mechanism Kyber1024.CCAKEM as submitted to round 3 of the NIST PQC competition and described in
Package kyber1024 implements the IND-CCA2 secure key encapsulation mechanism Kyber1024.CCAKEM as submitted to round 3 of the NIST PQC competition and described in
kyber512
Package kyber512 implements the IND-CCA2 secure key encapsulation mechanism Kyber512.CCAKEM as submitted to round 3 of the NIST PQC competition and described in
Package kyber512 implements the IND-CCA2 secure key encapsulation mechanism Kyber512.CCAKEM as submitted to round 3 of the NIST PQC competition and described in
kyber768
Package kyber768 implements the IND-CCA2 secure key encapsulation mechanism Kyber768.CCAKEM as submitted to round 3 of the NIST PQC competition and described in
Package kyber768 implements the IND-CCA2 secure key encapsulation mechanism Kyber768.CCAKEM as submitted to round 3 of the NIST PQC competition and described in
Package mlkem implements IND-CCA2 secure ML-KEM key encapsulation mechanism (KEM) as defined in FIPS 203.
Package mlkem implements IND-CCA2 secure ML-KEM key encapsulation mechanism (KEM) as defined in FIPS 203.
mlkem1024
Package mlkem1024 implements the IND-CCA2 secure key encapsulation mechanism ML-KEM-1024 as defined in FIPS203.
Package mlkem1024 implements the IND-CCA2 secure key encapsulation mechanism ML-KEM-1024 as defined in FIPS203.
mlkem512
Package mlkem512 implements the IND-CCA2 secure key encapsulation mechanism ML-KEM-512 as defined in FIPS203.
Package mlkem512 implements the IND-CCA2 secure key encapsulation mechanism ML-KEM-512 as defined in FIPS203.
mlkem768
Package mlkem768 implements the IND-CCA2 secure key encapsulation mechanism ML-KEM-768 as defined in FIPS203.
Package mlkem768 implements the IND-CCA2 secure key encapsulation mechanism ML-KEM-768 as defined in FIPS203.
Package schemes contains a register of KEM schemes.
Package schemes contains a register of KEM schemes.
Package sike is deprecated, it contains the SIKE key encapsulation mechanism.
Package sike is deprecated, it contains the SIKE key encapsulation mechanism.
sikep434
Package sikep434 is deprecated, it implements the key encapsulation mechanism SIKEp434.
Package sikep434 is deprecated, it implements the key encapsulation mechanism SIKEp434.
sikep503
Package sikep503 is deprecated, it implements the key encapsulation mechanism SIKEp503.
Package sikep503 is deprecated, it implements the key encapsulation mechanism SIKEp503.
sikep751
Package sikep751 is deprecated, it implements the key encapsulation mechanism SIKEp751.
Package sikep751 is deprecated, it implements the key encapsulation mechanism SIKEp751.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL