Documentation ¶
Overview ¶
Package nist implements cryptographic groups and ciphersuites based on the NIST standards, using Go's built-in crypto library.
Index ¶
- type QrSuite
- type ResidueGroup
- func (g *ResidueGroup) Order() *big.Int
- func (g *ResidueGroup) Point() kyber.Point
- func (g *ResidueGroup) PointLen() int
- func (g *ResidueGroup) QuadraticResidueGroup(bitlen uint, rand cipher.Stream)
- func (g *ResidueGroup) Scalar() kyber.Scalar
- func (g *ResidueGroup) ScalarLen() int
- func (g *ResidueGroup) SetParams(P, Q, R, G *big.Int)
- func (g *ResidueGroup) String() string
- func (g *ResidueGroup) Valid() bool
- type Suite128
- func (s *Suite128) Hash() hash.Hash
- func (curve *Suite128) Init() curve
- func (s *Suite128) New(t reflect.Type) interface{}
- func (s *Suite128) RandomStream() cipher.Stream
- func (s *Suite128) Read(r io.Reader, objs ...interface{}) error
- func (curve *Suite128) String() string
- func (s *Suite128) Write(w io.Writer, objs ...interface{}) error
- func (s *Suite128) XOF(key []byte) kyber.XOF
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type QrSuite ¶
type QrSuite struct {
ResidueGroup
}
QrSuite is a quadratic residue suite.
func NewBlakeSHA256QR512 ¶
func NewBlakeSHA256QR512() *QrSuite
NewBlakeSHA256QR512 returns a cipher suite based on package github.com/drand/kyber/xof/blake2xb, SHA-256, and a residue group of quadratic residues modulo a 512-bit prime.
This group size should be used only for testing and experimentation. 512-bit DSA-style groups are no longer considered secure.
func (QrSuite) RandomStream ¶
RandomStream returns a cipher.Stream that returns a key stream from crypto/rand.
type ResidueGroup ¶
type ResidueGroup struct {
dsa.Parameters
R *big.Int
}
A ResidueGroup represents a DSA-style modular integer arithmetic group, defined by two primes P and Q and an integer R, such that P = Q*R+1. Points in a ResidueGroup are R-residues modulo P, and Scalars are integer exponents modulo the group order Q.
In traditional DSA groups, P is typically much larger than Q, and such groups hence use a large multiple R. This is done to minimize the computational cost of modular exponentiation while maximizing security against known classes of attacks: P must be on the order of thousands of bits long, while for security Q is believed to require only hundreds of bits. Such computation-optimized groups are suitable for Diffie-Hellman agreement, DSA or ElGamal signatures, etc., which depend on Point.Mul() and homomorphic properties.
However, residue groups with large R are less suitable for public-key cryptographic techniques that require Points to be chosen pseudo-randomly or to contain embedded data, as ElGamal encryption does, for example. For such purposes quadratic residue groups are more suitable; they represent the special case where R=2 and hence P=2Q+1. As a result, the Point.Pick() method should be expected to work efficiently ONLY on quadratic residue groups in which R=2.
func (*ResidueGroup) Order ¶
func (g *ResidueGroup) Order() *big.Int
Order returns the order of this Residue group, namely the prime Q.
func (*ResidueGroup) Point ¶
func (g *ResidueGroup) Point() kyber.Point
Point creates a Point associated with this Residue group, with an initial value of nil.
func (*ResidueGroup) PointLen ¶
func (g *ResidueGroup) PointLen() int
PointLen returns the number of bytes in the encoding of a Point for this Residue group.
func (*ResidueGroup) QuadraticResidueGroup ¶
func (g *ResidueGroup) QuadraticResidueGroup(bitlen uint, rand cipher.Stream)
QuadraticResidueGroup initializes Residue group parameters for a quadratic residue group, by picking primes P and Q such that P=2Q+1 and the smallest valid generator G for this group.
func (*ResidueGroup) Scalar ¶
func (g *ResidueGroup) Scalar() kyber.Scalar
Scalar creates a Scalar associated with this Residue group, with an initial value of nil.
func (*ResidueGroup) ScalarLen ¶
func (g *ResidueGroup) ScalarLen() int
ScalarLen returns the number of bytes in the encoding of a Scalar for this Residue group.
func (*ResidueGroup) SetParams ¶
func (g *ResidueGroup) SetParams(P, Q, R, G *big.Int)
SetParams explicitly initializes a ResidueGroup with given parameters.
func (*ResidueGroup) String ¶
func (g *ResidueGroup) String() string
func (*ResidueGroup) Valid ¶
func (g *ResidueGroup) Valid() bool
Valid validates the parameters for a Residue group, checking that P and Q are prime, P=Q*R+1, and that G is a valid generator for this group.
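The parameter relationships described for ResidueGroup and the checks listed for Valid, as an added example built only on math/big (not the package's own code). The toy parameters are constructed and the helper names validParams, inGroup, countMembers and embed are hypothetical; embed uses the standard property that for P=2Q+1 with odd Q exactly one of x and P-x is a quadratic residue, which is not necessarily how Point.Pick is implemented.

```go
package main

import (
	"fmt"
	"math/big"
)

var one = big.NewInt(1)
// inGroup reports whether x is an R-residue mod P, i.e. x^Q = 1 (mod P).
func inGroup(x, P, Q *big.Int) bool {
	return x.Sign() > 0 && x.Cmp(P) < 0 && new(big.Int).Exp(x, Q, P).Cmp(one) == 0
}

// validParams applies the checks the page lists for Valid: P and Q prime,
// P = Q*R+1, and G a generator of the order-Q subgroup (G != 1, G^Q = 1).
func validParams(P, Q, R, G *big.Int) bool {
	if !P.ProbablyPrime(20) || !Q.ProbablyPrime(20) {
		return false
	}
	pq := new(big.Int).Mul(Q, R)
	return pq.Add(pq, one).Cmp(P) == 0 && G.Cmp(one) != 0 && inGroup(G, P, Q)
}

// countMembers counts group elements in [1, P-1]; usable for toy-sized P only.
func countMembers(P, Q *big.Int) int {
	n := 0
	for x := big.NewInt(1); x.Cmp(P) < 0; x.Add(x, one) {
		if inGroup(x, P, Q) {
			n++
		}
	}
	return n
}

// embed (R = 2, odd Q): P = 3 mod 4, so exactly one of x and P-x is a residue.
func embed(x, P, Q *big.Int) *big.Int {
	if inGroup(x, P, Q) {
		return new(big.Int).Set(x)
	}
	return new(big.Int).Sub(P, x)
}

func main() {
	// Constructed toy parameters, far too small for real use.
	qP, qQ := big.NewInt(23), big.NewInt(11) // R = 2, G = 2
	dP, dQ := big.NewInt(43), big.NewInt(7)  // R = 6, G = 2^6 mod 43 = 21
	fmt.Println(validParams(qP, qQ, big.NewInt(2), big.NewInt(2)), validParams(dP, dQ, big.NewInt(6), big.NewInt(21)))
	fmt.Println(countMembers(qP, qQ), countMembers(dP, dQ), embed(big.NewInt(5), qP, qQ))
}
```

Only 1/R of the values below P are group members, which is why finding a point by trial is cheap when R=2 and increasingly costly as R grows.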
type Suite128 ¶
type Suite128 struct {
// contains filtered or unexported fields
}
Suite128 is the suite for the P256 curve.
func NewBlakeSHA256P256 ¶
func NewBlakeSHA256P256() *Suite128
NewBlakeSHA256P256 returns a cipher suite based on package github.com/drand/kyber/xof/blake2xb, SHA-256, and the NIST P-256 elliptic curve. It returns random streams from Go's crypto/rand.
The scalars created by this group implement kyber.Scalar's SetBytes method, interpreting the bytes as a big-endian integer, so as to be compatible with the Go standard library's big.Int type.
func (*Suite128) Init ¶
func (curve *Suite128) Init() curve
Init initializes standard Curve instances.
func (*Suite128) RandomStream ¶
RandomStream returns a cipher.Stream that returns a key stream from crypto/rand.