combiner

package
v0.0.36 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jun 16, 2024 License: AGPL-3.0 Imports: 5 Imported by: 0

Documentation

Overview

Package combiner defines a security preserving KEM combiner. The [KEM Combiners paper](https://eprint.iacr.org/2018/024.pdf) makes the observation that if a KEM combiner is not security preserving then the resulting hybrid KEM will not have IND-CCA2 security if one of the composing KEMs does not have IND-CCA2 security. Likewise the paper points out that when using a security preserving KEM combiner, if only one of the composing KEMs has IND-CCA2 security then the resulting hybrid KEM will have IND-CCA2 security.

Our KEM combiner uses the split PRF design for an arbitrary number of kems, here shown with only three, in pseudo code:

```

func SplitPRF(ss1, ss2, ss3, cct1, cct2, cct3 []byte) []byte {
    cct := cct1 || cct2 || cct3
    return PRF(ss1 || cct) XOR PRF(ss2 || cct) XOR PRF(ss3 || cct)
}

```

Index

Constants

This section is empty.

Variables

View Source
var (
	// ErrUninitialized indicates a key wasn't initialized.
	ErrUninitialized = errors.New("public or private key not initialized")
)

Functions

This section is empty.

Types

type PrivateKey

type PrivateKey struct {
	// contains filtered or unexported fields
}

Private key of a hybrid KEM.

func (*PrivateKey) Equal

func (sk *PrivateKey) Equal(other kem.PrivateKey) bool

Equal performs a non-constant time key comparison.

func (*PrivateKey) MarshalBinary

func (sk *PrivateKey) MarshalBinary() ([]byte, error)

MarshalBinary creates a binary blob of the key.

func (*PrivateKey) Public

func (sk *PrivateKey) Public() kem.PublicKey

Public returns a public key, given a private key.

func (*PrivateKey) Scheme

func (sk *PrivateKey) Scheme() kem.Scheme

Scheme returns the given private key's scheme object.

type PublicKey

type PublicKey struct {
	// contains filtered or unexported fields
}

Public key of a combined KEMs.

func (*PublicKey) Equal

func (sk *PublicKey) Equal(other kem.PublicKey) bool

Equal performs a non-constant time key comparison.

func (*PublicKey) MarshalBinary

func (sk *PublicKey) MarshalBinary() ([]byte, error)

MarshalBinary returns a binary blob of the key.

func (*PublicKey) MarshalText added in v0.0.3

func (sk *PublicKey) MarshalText() (text []byte, err error)

func (*PublicKey) Scheme

func (pk *PublicKey) Scheme() kem.Scheme

Scheme returns the scheme object for the given public key.

type Scheme

type Scheme struct {
	// contains filtered or unexported fields
}

Scheme for a hybrid KEM.

func New

func New(name string, schemes []kem.Scheme) *Scheme

New creates a new hybrid KEM given the slices of KEM schemes.

func (*Scheme) CiphertextSize

func (sch *Scheme) CiphertextSize() int

CiphertextSize returns the KEM's ciphertext size in bytes.

func (*Scheme) Decapsulate

func (sch *Scheme) Decapsulate(sk kem.PrivateKey, ct []byte) ([]byte, error)

Decapsulate decrypts a given KEM ciphertext using the given private key.

func (*Scheme) DeriveKeyPair

func (sch *Scheme) DeriveKeyPair(seed []byte) (kem.PublicKey, kem.PrivateKey)

DeriveKeyPair uses a seed value to deterministically generate a key pair.

func (*Scheme) Encapsulate

func (sch *Scheme) Encapsulate(pk kem.PublicKey) (ct, ss []byte, err error)

Encapsulate creates a shared secret and ciphertext given a public key.

func (*Scheme) EncapsulateDeterministically

func (sch *Scheme) EncapsulateDeterministically(publicKey kem.PublicKey, seed []byte) (ct, ss []byte, err error)

EncapsulateDeterministically deterministircally encapsulates a share secret to the given public key and the given seed value.

func (*Scheme) GenerateKeyPair

func (sch *Scheme) GenerateKeyPair() (kem.PublicKey, kem.PrivateKey, error)

GenerateKeyPair generates a keypair.

func (*Scheme) Name

func (sch *Scheme) Name() string

Name returns the name of the KEM.

func (*Scheme) PrivateKeySize

func (sch *Scheme) PrivateKeySize() int

PrivateKeySize returns the KEM's private key size in bytes.

func (*Scheme) PublicKeySize

func (sch *Scheme) PublicKeySize() int

PublicKeySize returns the KEM's public key size in bytes.

func (*Scheme) SeedSize

func (sch *Scheme) SeedSize() int

SeedSize returns the KEM's seed size in bytes.

func (*Scheme) SharedKeySize

func (sch *Scheme) SharedKeySize() int

SharedKeySize returns the KEM's shared key size in bytes.

func (*Scheme) UnmarshalBinaryPrivateKey

func (sch *Scheme) UnmarshalBinaryPrivateKey(buf []byte) (kem.PrivateKey, error)

UnmarshalBinaryPrivateKey unmarshals a binary blob representing a private key.

func (*Scheme) UnmarshalBinaryPublicKey

func (sch *Scheme) UnmarshalBinaryPublicKey(buf []byte) (kem.PublicKey, error)

UnmarshalBinaryPublicKey unmarshals a binary blob representing a public key.

func (*Scheme) UnmarshalTextPrivateKey added in v0.0.4

func (sch *Scheme) UnmarshalTextPrivateKey(text []byte) (kem.PrivateKey, error)

func (*Scheme) UnmarshalTextPublicKey added in v0.0.4

func (sch *Scheme) UnmarshalTextPublicKey(text []byte) (kem.PublicKey, error)

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL