circl

package module
v0.0.0-...-8e3605f Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Feb 9, 2022 License: BSD-3-Clause Imports: 0 Imported by: 0

README

CIRCL

GitHub release CIRCL GoDoc Go Report Card codecov

CIRCL (Cloudflare Interoperable, Reusable Cryptographic Library) is a collection of cryptographic primitives written in Go. The goal of this library is to be used as a tool for experimental deployment of cryptographic algorithms targeting Post-Quantum (PQ) and Elliptic Curve Cryptography (ECC).

Security Disclaimer

🚨 This library is offered as-is, and without a guarantee. Therefore, it is expected that changes in the code, repository, and API occur in the future. We recommend to take caution before using this library in a production application since part of its content is experimental. All security issues must be reported, please notify us immediately following the instructions given in our Security Policy.

Installation

You can get CIRCL by fetching:

go get -u github.com/fanym919/circl

List of Algorithms

Diffie-Hellman Protocol
Digital Signature Schemes
Groups based on Elliptic Curves
High-Level Protocols
  • Bilinear pairings with BLS12-381.
  • HPKE: Hybrid Public-Key Encryption
  • VOPRF: Verifiable Oblivious Pseudorandom function.
Post-Quantum Key Encapsulation Methods
  • SIDH/SIKE: Supersingular Key Encapsulation with rimes p434, p503, p751
  • CSIDH: Post-Quantum Commutative Group Action
  • Kyber KEM: modes 512, 768, 1024
Post-Quantum Public-Key Encryption
  • Kyber PKE: modes 512, 768, 1024
Post-Quantum Digital Signature Schemes
Field Arithmetic
  • Fp25519, Fp448, Fp381
Elliptic Curves
Parallel SIMD
XOF: eXtendable Output Functions

Testing and Benchmarking

Library comes with number of make targets which can be used for testing and benchmarking:

  • test performs testing of the binary.
  • bench runs benchmarks.
  • cover produces coverage.
  • lint runs set of linters on the code base.

Contributing

To contribute, fork this repository and make your changes, and then make a Pull Request. A Pull Request requires approval of the admin team and a successful CI build.

How to Cite

To cite CIRCL, use one of the following formats and update the version and date you accessed this project.

APA Style

Faz-Hernández, A. and Kwiatkowski, K. (2019). Introducing CIRCL:
An Advanced Cryptographic Library. Cloudflare. Available at
https://github.com/fanym919/circl. v1.1.0 Accessed Oct 2021.

Bibtex Source

@manual{circl,
  title        = {Introducing CIRCL: An Advanced Cryptographic Library},
  author       = {Armando Faz-Hern\'{a}ndez and Kris Kwiatkowski},
  organization = {Cloudflare},
  abstract     = {{CIRCL (Cloudflare Interoperable, Reusable Cryptographic Library) is
                   a collection of cryptographic primitives written in Go. The goal
                   of this library is to be used as a tool for experimental
                   deployment of cryptographic algorithms targeting Post-Quantum (PQ)
                   and Elliptic Curve Cryptography (ECC).}},
  note         = {Available at \url{https://github.com/fanym919/circl}. v1.1.0 Accessed Oct 2021},
  month        = jun,
  year         = {2019}
}

License

The project is licensed under the BSD-3-Clause License.

Documentation

Overview

Package circl provides a collection of cryptographic primitives. The goal of this module is to be used as a tool for experimental deployment of cryptographic algorithms targeting Post-Quantum (PQ) and Elliptic Curve Cryptography (ECC).

Following blog post describes ideas behind CIRCL in more details: https://blog.fanym919.com/introducing-circl/

Directories

Path Synopsis
Package blindsign provides a blind signature protocol.
Package blindsign provides a blind signature protocol.
dh
Package dh provides variety of Diffie-Hellman key exchange methods.
Package dh provides variety of Diffie-Hellman key exchange methods.
csidh
Package csidh implements commutative supersingular isogeny-based Diffie-Hellman key exchange algorithm (CSIDH) resulting from the group action.
Package csidh implements commutative supersingular isogeny-based Diffie-Hellman key exchange algorithm (CSIDH) resulting from the group action.
curve4q
Package curve4q implements Diffie-Hellman operations using the FourQ curve at the 128-bit security level.
Package curve4q implements Diffie-Hellman operations using the FourQ curve at the 128-bit security level.
sidh
Package sidh provides implementation of experimental post-quantum Supersingular Isogeny Diffie-Hellman (SIDH) as well as Supersingular Isogeny Key Encapsulation (SIKE).
Package sidh provides implementation of experimental post-quantum Supersingular Isogeny Diffie-Hellman (SIDH) as well as Supersingular Isogeny Key Encapsulation (SIKE).
sidh/internal/common
Package common provides types, variables, constants and functions commonly used in SIDH or SIKE.
Package common provides types, variables, constants and functions commonly used in SIDH or SIKE.
sidh/internal/p503
Package p503 provides implementation of field arithmetic used in SIDH and SIKE.
Package p503 provides implementation of field arithmetic used in SIDH and SIKE.
sidh/internal/p751
Package p751 provides implementation of field arithmetic used in SIDH and SIKE.
Package p751 provides implementation of field arithmetic used in SIDH and SIKE.
x25519
Package x25519 provides Diffie-Hellman functions as specified in RFC-7748.
Package x25519 provides Diffie-Hellman functions as specified in RFC-7748.
x448
Package x448 provides Diffie-Hellman functions as specified in RFC-7748.
Package x448 provides Diffie-Hellman functions as specified in RFC-7748.
ecc
Package ecc provides implementation of arithmetic on some elliptic curves.
Package ecc provides implementation of arithmetic on some elliptic curves.
bls12381
Package bls12381 provides bilinear pairings using the BLS12-381 curve.
Package bls12381 provides bilinear pairings using the BLS12-381 curve.
bls12381/ff
Package ff provides finite fields of characteristic P381.
Package ff provides finite fields of characteristic P381.
fourq
Package fourq provides elliptic curve operations over FourQ curve.
Package fourq provides elliptic curve operations over FourQ curve.
goldilocks
Package goldilocks provides elliptic curve operations over the goldilocks curve.
Package goldilocks provides elliptic curve operations over the goldilocks curve.
p384
Package p384 provides optimized elliptic curve operations on the P-384 curve.
Package p384 provides optimized elliptic curve operations on the P-384 curve.
Package expander generates arbitrary bytes from an XOF or Hash function.
Package expander generates arbitrary bytes from an XOF or Hash function.
Package group provides prime-order groups based on elliptic curves.
Package group provides prime-order groups based on elliptic curves.
Package hpke implements the Hybrid Public Key Encryption (HPKE) standard specified by draft-irtf-cfrg-hpke-07.
Package hpke implements the Hybrid Public Key Encryption (HPKE) standard specified by draft-irtf-cfrg-hpke-07.
internal
nist
Package nist implements helpers to generate NIST's Known Answer Tests (KATs).
Package nist implements helpers to generate NIST's Known Answer Tests (KATs).
sha3
Package sha3 implements the SHA-3 fixed-output-length hash functions and the SHAKE variable-output-length hash functions defined by FIPS-202.
Package sha3 implements the SHA-3 fixed-output-length hash functions and the SHAKE variable-output-length hash functions defined by FIPS-202.
kem
Package kem provides a unified interface for KEM schemes.
Package kem provides a unified interface for KEM schemes.
hybrid
Package hybrid defines several hybrid classical/quantum KEMs.
Package hybrid defines several hybrid classical/quantum KEMs.
kyber
Package kyber implements the CRYSTALS-Kyber.CCAKEM IND-CCA2 secure key encapsulation mechanism (KEM) as submitted to round 3 of the NIST PQC competition and described in https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf The related public key encryption scheme CRYSTALS-Kyber.CPAPKE can be found in the package github.com/fanym919/circl/pke/kyber.
Package kyber implements the CRYSTALS-Kyber.CCAKEM IND-CCA2 secure key encapsulation mechanism (KEM) as submitted to round 3 of the NIST PQC competition and described in https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf The related public key encryption scheme CRYSTALS-Kyber.CPAPKE can be found in the package github.com/fanym919/circl/pke/kyber.
kyber/kyber1024
Package kyber1024 implements the IND-CCA2 secure key encapsulation mechanism Kyber1024.CCAKEM as submitted to round 3 of the NIST PQC competition and described in https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf
Package kyber1024 implements the IND-CCA2 secure key encapsulation mechanism Kyber1024.CCAKEM as submitted to round 3 of the NIST PQC competition and described in https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf
kyber/kyber512
Package kyber512 implements the IND-CCA2 secure key encapsulation mechanism Kyber512.CCAKEM as submitted to round 3 of the NIST PQC competition and described in https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf
Package kyber512 implements the IND-CCA2 secure key encapsulation mechanism Kyber512.CCAKEM as submitted to round 3 of the NIST PQC competition and described in https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf
kyber/kyber768
Package kyber768 implements the IND-CCA2 secure key encapsulation mechanism Kyber768.CCAKEM as submitted to round 3 of the NIST PQC competition and described in https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf
Package kyber768 implements the IND-CCA2 secure key encapsulation mechanism Kyber768.CCAKEM as submitted to round 3 of the NIST PQC competition and described in https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf
schemes
Package schemes contains a register of KEM schemes.
Package schemes contains a register of KEM schemes.
sike
Package sike contains the SIKE key encapsulation mechanism.
Package sike contains the SIKE key encapsulation mechanism.
sike/sikep434
Package sikep434 implements the key encapsulation mechanism SIKEp434.
Package sikep434 implements the key encapsulation mechanism SIKEp434.
sike/sikep503
Package sikep503 implements the key encapsulation mechanism SIKEp503.
Package sikep503 implements the key encapsulation mechanism SIKEp503.
sike/sikep751
Package sikep751 implements the key encapsulation mechanism SIKEp751.
Package sikep751 implements the key encapsulation mechanism SIKEp751.
Package math provides some utility functions for big integers.
Package math provides some utility functions for big integers.
fp25519
Package fp25519 provides prime field arithmetic over GF(2^255-19).
Package fp25519 provides prime field arithmetic over GF(2^255-19).
fp448
Package fp448 provides prime field arithmetic over GF(2^448-2^224-1).
Package fp448 provides prime field arithmetic over GF(2^448-2^224-1).
mlsbset
Package mlsbset provides a constant-time exponentiation method with precomputation.
Package mlsbset provides a constant-time exponentiation method with precomputation.
Package oprf provides an Oblivious Pseudo-Random Function protocol.
Package oprf provides an Oblivious Pseudo-Random Function protocol.
pke
Package pke provides a variety of public key encryption mechanisms.
Package pke provides a variety of public key encryption mechanisms.
kyber
Package kyber implements the CRYSTALS-Kyber.CPAPKE public key encrpyption as submitted to round 3 of the NIST PQC competition and described in https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf The related key encapsulation mechanism (KEM) CRYSTALS-Kyber.CCAKEM can be found in the package github.com/fanym919/circl/kem/kyber.
Package kyber implements the CRYSTALS-Kyber.CPAPKE public key encrpyption as submitted to round 3 of the NIST PQC competition and described in https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf The related key encapsulation mechanism (KEM) CRYSTALS-Kyber.CCAKEM can be found in the package github.com/fanym919/circl/kem/kyber.
kyber/kyber1024
kyber1024 implements the IND-CPA-secure Public Key Encryption scheme Kyber1024.CPAPKE as submitted to round 3 of the NIST PQC competition and described in https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf
kyber1024 implements the IND-CPA-secure Public Key Encryption scheme Kyber1024.CPAPKE as submitted to round 3 of the NIST PQC competition and described in https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf
kyber/kyber512
kyber512 implements the IND-CPA-secure Public Key Encryption scheme Kyber512.CPAPKE as submitted to round 3 of the NIST PQC competition and described in https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf
kyber512 implements the IND-CPA-secure Public Key Encryption scheme Kyber512.CPAPKE as submitted to round 3 of the NIST PQC competition and described in https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf
kyber/kyber768
kyber768 implements the IND-CPA-secure Public Key Encryption scheme Kyber768.CPAPKE as submitted to round 3 of the NIST PQC competition and described in https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf
kyber768 implements the IND-CPA-secure Public Key Encryption scheme Kyber768.CPAPKE as submitted to round 3 of the NIST PQC competition and described in https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf
Package sign provides unified interfaces for signature schemes.
Package sign provides unified interfaces for signature schemes.
dilithium
dilithium implements the CRYSTALS-Dilithium signature schemes as submitted to round3 of the NIST PQC competition and described in https://pq-crystals.org/dilithium/data/dilithium-specification-round3-20210208.pdf Each of the eight different modes of Dilithium is implemented by a subpackage.
dilithium implements the CRYSTALS-Dilithium signature schemes as submitted to round3 of the NIST PQC competition and described in https://pq-crystals.org/dilithium/data/dilithium-specification-round3-20210208.pdf Each of the eight different modes of Dilithium is implemented by a subpackage.
dilithium/mode2
mode2 implements the CRYSTALS-Dilithium signature scheme Dilithium2 as submitted to round3 of the NIST PQC competition and described in https://pq-crystals.org/dilithium/data/dilithium-specification-round3-20210208.pdf
mode2 implements the CRYSTALS-Dilithium signature scheme Dilithium2 as submitted to round3 of the NIST PQC competition and described in https://pq-crystals.org/dilithium/data/dilithium-specification-round3-20210208.pdf
dilithium/mode2aes
mode2aes implements the CRYSTALS-Dilithium signature scheme Dilithium2-AES as submitted to round3 of the NIST PQC competition and described in https://pq-crystals.org/dilithium/data/dilithium-specification-round3-20210208.pdf
mode2aes implements the CRYSTALS-Dilithium signature scheme Dilithium2-AES as submitted to round3 of the NIST PQC competition and described in https://pq-crystals.org/dilithium/data/dilithium-specification-round3-20210208.pdf
dilithium/mode3
mode3 implements the CRYSTALS-Dilithium signature scheme Dilithium3 as submitted to round3 of the NIST PQC competition and described in https://pq-crystals.org/dilithium/data/dilithium-specification-round3-20210208.pdf
mode3 implements the CRYSTALS-Dilithium signature scheme Dilithium3 as submitted to round3 of the NIST PQC competition and described in https://pq-crystals.org/dilithium/data/dilithium-specification-round3-20210208.pdf
dilithium/mode3aes
mode3aes implements the CRYSTALS-Dilithium signature scheme Dilithium3-AES as submitted to round3 of the NIST PQC competition and described in https://pq-crystals.org/dilithium/data/dilithium-specification-round3-20210208.pdf
mode3aes implements the CRYSTALS-Dilithium signature scheme Dilithium3-AES as submitted to round3 of the NIST PQC competition and described in https://pq-crystals.org/dilithium/data/dilithium-specification-round3-20210208.pdf
dilithium/mode5
mode5 implements the CRYSTALS-Dilithium signature scheme Dilithium5 as submitted to round3 of the NIST PQC competition and described in https://pq-crystals.org/dilithium/data/dilithium-specification-round3-20210208.pdf
mode5 implements the CRYSTALS-Dilithium signature scheme Dilithium5 as submitted to round3 of the NIST PQC competition and described in https://pq-crystals.org/dilithium/data/dilithium-specification-round3-20210208.pdf
dilithium/mode5aes
mode5aes implements the CRYSTALS-Dilithium signature scheme Dilithium5-AES as submitted to round3 of the NIST PQC competition and described in https://pq-crystals.org/dilithium/data/dilithium-specification-round3-20210208.pdf
mode5aes implements the CRYSTALS-Dilithium signature scheme Dilithium5-AES as submitted to round3 of the NIST PQC competition and described in https://pq-crystals.org/dilithium/data/dilithium-specification-round3-20210208.pdf
ed25519
Package ed25519 implements Ed25519 signature scheme as described in RFC-8032.
Package ed25519 implements Ed25519 signature scheme as described in RFC-8032.
ed448
Package ed448 implements Ed448 signature scheme as described in RFC-8032.
Package ed448 implements Ed448 signature scheme as described in RFC-8032.
eddilithium2
Package eddilithium2 implements the hybrid signature scheme Ed25519-Dilithium2.
Package eddilithium2 implements the hybrid signature scheme Ed25519-Dilithium2.
eddilithium3
Package eddilithium3 implements the hybrid signature scheme Ed448-Dilithium3.
Package eddilithium3 implements the hybrid signature scheme Ed448-Dilithium3.
schemes
Package schemes contains a register of signature algorithms.
Package schemes contains a register of signature algorithms.
Package simd provides parallel implementations of some primitives.
Package simd provides parallel implementations of some primitives.
keccakf1600
Package keccakf1600 provides a two and four-way Keccak-f[1600] permutation in parallel.
Package keccakf1600 provides a two and four-way Keccak-f[1600] permutation in parallel.
Package xof provides an interface for eXtendable-Output Functions.
Package xof provides an interface for eXtendable-Output Functions.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL