Documentation ¶
Overview ¶
Package mlkem768 implements the quantum-resistant key encapsulation method ML-KEM (formerly known as Kyber).
Only the recommended ML-KEM-768 parameter set is provided.
The version currently implemented is the one specified by NIST FIPS 203 ipd, with the unintentional transposition of the matrix A reverted to match the behavior of Kyber version 3.0. Future v0 versions of this package might introduce backwards incompatible changes to implement changes to FIPS 203.
Index ¶
- Constants
- func Decapsulate(decapsulationKey, ciphertext []byte) (sharedKey []byte, err error)
- func Encapsulate(encapsulationKey []byte) (ciphertext, sharedKey []byte, err error)
- func EncapsulateFromSeed(encapsulationKey, seed []byte) (ciphertext, sharedKey []byte, err error)
- func GenerateKey() (encapsulationKey, decapsulationKey []byte, err error)
- func GenerateKeyFromSeed(seed []byte) (encapsulationKey, decapsulationKey []byte, err error)
Constants ¶
const ( CiphertextSize = k*encodingSize10 + encodingSize4 EncapsulationKeySize = encryptionKeySize DecapsulationKeySize = decryptionKeySize + encryptionKeySize + 32 + 32 KeySeedSize = 32 * 2 EncapsulationSeedSize = messageSize )
Variables ¶
This section is empty.
Functions ¶
func Decapsulate ¶
Decapsulate generates a shared key from a ciphertext and a decapsulation key. If the decapsulation key or the ciphertext are not valid, Decapsulate returns an error.
The shared key must be kept secret.
func Encapsulate ¶
Encapsulate generates a shared key and an associated ciphertext from an encapsulation key, drawing random bytes from crypto/rand. If the encapsulation key is not valid, Encapsulate returns an error.
The shared key must be kept secret.
func EncapsulateFromSeed ¶
EncapsulateFromSeed generates a shared key and an associated ciphertext from an encapsulation key, drawing random bytes from given seed. If the encapsulation key is not valid, Encapsulate returns an error.
The shared key must be kept secret.
func GenerateKey ¶
GenerateKey generates an encapsulation key and a corresponding decapsulation key, drawing random bytes from crypto/rand.
The decapsulation key must be kept secret.
func GenerateKeyFromSeed ¶
GenerateKeyFromSeed generates an encapsulation key and a corresponding decapsulation key, drawing random bytes from the given seed.
Types ¶
This section is empty.
Directories ¶
Path | Synopsis |
---|---|
Package xwing implements the hybrid quantum-resistant key encapsulation method X-Wing, which combines X25519, ML-KEM-768, and SHA3-256 as specified in [draft-connolly-cfrg-xwing-kem-00].
|
Package xwing implements the hybrid quantum-resistant key encapsulation method X-Wing, which combines X25519, ML-KEM-768, and SHA3-256 as specified in [draft-connolly-cfrg-xwing-kem-00]. |