Documentation
Overview
Package nist implements cryptographic groups and ciphersuites based on the NIST standards, using Go's built-in crypto library.
Index
- type QrSuite
- type ResidueGroup
- func (g *ResidueGroup) Order() *big.Int
- func (g *ResidueGroup) Point() kyber.Point
- func (g *ResidueGroup) PointLen() int
- func (g *ResidueGroup) QuadraticResidueGroup(bitlen uint, rand cipher.Stream)
- func (g *ResidueGroup) Scalar() kyber.Scalar
- func (g *ResidueGroup) ScalarLen() int
- func (g *ResidueGroup) SetParams(P, Q, R, G *big.Int)
- func (g *ResidueGroup) String() string
- func (g *ResidueGroup) Valid() bool
- type Secp256r1
- func (c *Secp256r1) ComputeY(x *big.Int) (*big.Int, *big.Int)
- func (curve *Secp256r1) Init() curve
- func (c *Secp256r1) Order() *big.Int
- func (c *Secp256r1) Point() kyber.Point
- func (c *Secp256r1) PointLen() int
- func (c *Secp256r1) Scalar() kyber.Scalar
- func (c *Secp256r1) ScalarLen() int
- func (curve *Secp256r1) String() string
- type Suite128
- func (s *Suite128) Hash() hash.Hash
- func (curve *Suite128) Init() curve
- func (s *Suite128) New(t reflect.Type) interface{}
- func (s *Suite128) RandomStream() cipher.Stream
- func (s *Suite128) Read(r io.Reader, objs ...interface{}) error
- func (curve *Suite128) String() string
- func (s *Suite128) Write(w io.Writer, objs ...interface{}) error
- func (s *Suite128) XOF(key []byte) kyber.XOF
- type Suite129
- func (c *Suite129) ComputeY(x *big.Int) (*big.Int, *big.Int)
- func (s *Suite129) Hash() hash.Hash
- func (s *Suite129) New(t reflect.Type) interface{}
- func (c *Suite129) Order() *big.Int
- func (c *Suite129) Point() kyber.Point
- func (c *Suite129) PointLen() int
- func (s *Suite129) RandomStream() cipher.Stream
- func (s *Suite129) Read(r io.Reader, objs ...interface{}) error
- func (c *Suite129) Scalar() kyber.Scalar
- func (c *Suite129) ScalarLen() int
- func (s *Suite129) Write(w io.Writer, objs ...interface{}) error
- func (s *Suite129) XOF(key []byte) kyber.XOF
Constants
This section is empty.
Variables
This section is empty.
Functions
This section is empty.
Types
type QrSuite
type QrSuite struct {
	ResidueGroup
}
QrSuite is a quadratic residue suite.
func NewBlakeSHA256QR512
func NewBlakeSHA256QR512() *QrSuite
NewBlakeSHA256QR512 returns a cipher suite based on package github.com/michaljirman/kyber/v3/xof/blake2xb, SHA-256, and a residue group of quadratic residues modulo a 512-bit prime.
This group size should be used only for testing and experimentation. 512-bit DSA-style groups are no longer considered secure.
func (QrSuite) RandomStream
RandomStream returns a cipher.Stream that returns a key stream from crypto/rand.
type ResidueGroup
type ResidueGroup struct {
	dsa.Parameters
	R *big.Int
}
A ResidueGroup represents a DSA-style modular integer arithmetic group, defined by two primes P and Q and an integer R, such that P = Q*R+1. Points in a ResidueGroup are R-residues modulo P, and Scalars are integer exponents modulo the group order Q.
In traditional DSA groups P is typically much larger than Q, and hence such groups use a large multiple R. This is done to minimize the computational cost of modular exponentiation while maximizing security against known classes of attacks: P must be on the order of thousands of bits long, while for security Q is believed to require only hundreds of bits. Such computation-optimized groups are suitable for Diffie-Hellman agreement, DSA or ElGamal signatures, etc., which depend on Point.Mul() and homomorphic properties.
However, residue groups with large R are less suitable for public-key cryptographic techniques that require Points to be chosen pseudo-randomly or to contain embedded data, as ElGamal encryption does for example. For such purposes quadratic residue groups are more suitable, representing the special case where R=2 and hence P=2Q+1. As a result, the Point.Pick() method should be expected to work efficiently ONLY on quadratic residue groups in which R=2.
func (*ResidueGroup) Order
func (g *ResidueGroup) Order() *big.Int
Order returns the order of this Residue group, namely the prime Q.
func (*ResidueGroup) Point
func (g *ResidueGroup) Point() kyber.Point
Point creates a Point associated with this Residue group, with an initial value of nil.
func (*ResidueGroup) PointLen
func (g *ResidueGroup) PointLen() int
PointLen returns the number of bytes in the encoding of a Point for this Residue group.
func (*ResidueGroup) QuadraticResidueGroup
func (g *ResidueGroup) QuadraticResidueGroup(bitlen uint, rand cipher.Stream)
QuadraticResidueGroup initializes Residue group parameters for a quadratic residue group, by picking primes P and Q such that P=2Q+1 and the smallest valid generator G for this group.
func (*ResidueGroup) Scalar
func (g *ResidueGroup) Scalar() kyber.Scalar
Scalar creates a Scalar associated with this Residue group, with an initial value of nil.
func (*ResidueGroup) ScalarLen
func (g *ResidueGroup) ScalarLen() int
ScalarLen returns the number of bytes in the encoding of a Scalar for this Residue group.
func (*ResidueGroup) SetParams
func (g *ResidueGroup) SetParams(P, Q, R, G *big.Int)
SetParams explicitly initializes a ResidueGroup with given parameters.
func (*ResidueGroup) String
func (g *ResidueGroup) String() string
func (*ResidueGroup) Valid
func (g *ResidueGroup) Valid() bool
Valid validates the parameters for a Residue group, checking that P and Q are prime, P=Q*R+1, and that G is a valid generator for this group.
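The parameter relationships described for ResidueGroup and the checks listed for Valid, as an added example that is not this package's code: it uses only math/big, and the names CheckResidueParams, checkToy and SubgroupSize as well as the toy parameters are assumptions made for illustration. It also counts subgroup members to show why picking Points is efficient only when R=2.

```go
package main

import (
	"errors"
	"fmt"
	"math/big"
)

var one = big.NewInt(1)

// CheckResidueParams applies the checks the documentation lists for Valid:
// P and Q prime, P = Q*R+1, and G a generator of the order-Q subgroup.
func CheckResidueParams(P, Q, R, G *big.Int) error {
	if !P.ProbablyPrime(20) || !Q.ProbablyPrime(20) {
		return errors.New("P and Q must both be prime")
	}
	if new(big.Int).Add(new(big.Int).Mul(Q, R), one).Cmp(P) != 0 {
		return errors.New("P != Q*R+1")
	}
	// With Q prime, 1 < G < P and G^Q = 1 (mod P) mean G has order exactly Q.
	if G.Cmp(one) <= 0 || G.Cmp(P) >= 0 || new(big.Int).Exp(G, Q, P).Cmp(one) != 0 {
		return errors.New("G does not generate the order-Q subgroup")
	}
	return nil
}

// checkToy wraps CheckResidueParams for small constructed parameters.
func checkToy(p, q, r, g int64) error {
	return CheckResidueParams(big.NewInt(p), big.NewInt(q), big.NewInt(r), big.NewInt(g))
}

// SubgroupSize counts x in [1, p-1] with x^q = 1 (mod p) by brute force.
// Toy sizes only: it shows that a random candidate is a Point with odds 1/R.
func SubgroupSize(p, q int64) int {
	P, Q, n := big.NewInt(p), big.NewInt(q), 0
	for x := int64(1); x < p; x++ {
		if new(big.Int).Exp(big.NewInt(x), Q, P).Cmp(one) == 0 {
			n++
		}
	}
	return n
}

func main() {
	// Constructed toy groups: 23 = 11*2+1 (quadratic residues), 67 = 11*6+1.
	fmt.Println(checkToy(23, 11, 2, 2), SubgroupSize(23, 11), "of 22 candidates")
	fmt.Println(checkToy(67, 11, 6, 64), SubgroupSize(67, 11), "of 66 candidates")
	fmt.Println(checkToy(23, 11, 2, 5)) // 5 is a non-residue mod 23
}
```

Both toy groups contain 11 Points, but they sit among 22 candidates when R=2 and among 66 when R=6, so a randomly chosen residue is a Point with probability 1/R.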
type Secp256r1
type Secp256r1 struct {
	// contains filtered or unexported fields
}
Secp256r1 implements the kyber.Group interface for the NIST P-256 elliptic curve (secp256r1), based on Go's native elliptic curve library.
func (*Secp256r1) Init
func (curve *Secp256r1) Init() curve
Init initializes standard Curve instances.
func (*Secp256r1) Point
func (c *Secp256r1) Point() kyber.Point
Create a Point associated with this curve.
func (*Secp256r1) PointLen
func (c *Secp256r1) PointLen() int
Return the number of bytes in the encoding of a Point for this curve. Currently uses uncompressed ANSI X9.62 format with both X and Y coordinates; this could change.
func (*Secp256r1) Scalar
func (c *Secp256r1) Scalar() kyber.Scalar
Create a Scalar associated with this curve. The scalars created by this package implement kyber.Scalar's SetBytes method, interpreting the bytes as a big-endian integer, so as to be compatible with the Go standard library's big.Int type.
type Suite128
type Suite128 struct {
	// contains filtered or unexported fields
}
Suite128 is the suite for the P256 curve.
func NewBlakeSHA256P256
func NewBlakeSHA256P256() *Suite128
NewBlakeSHA256P256 returns a cipher suite based on package github.com/michaljirman/kyber/v3/xof/blake2xb, SHA-256, and the NIST P-256 elliptic curve. It returns random streams from Go's crypto/rand.
The scalars created by this group implement kyber.Scalar's SetBytes method, interpreting the bytes as a big-endian integer, so as to be compatible with the Go standard library's big.Int type.
func (*Suite128) Init
func (curve *Suite128) Init() curve
Init initializes standard Curve instances.
func (*Suite128) RandomStream
RandomStream returns a cipher.Stream that returns a key stream from crypto/rand.
type Suite129
type Suite129 struct {
	Secp256r1
}
Suite129 is the suite for the secp256r1 curve.
func NewSecp256r1
func NewSecp256r1() *Suite129
func (*Suite129) Point
func (c *Suite129) Point() kyber.Point
Create a Point associated with this curve.
func (*Suite129) PointLen
func (c *Suite129) PointLen() int
Return the number of bytes in the encoding of a Point for this curve. Currently uses uncompressed ANSI X9.62 format with both X and Y coordinates; this could change.
func (*Suite129) RandomStream
RandomStream returns a cipher.Stream that returns a key stream from crypto/rand.
func (*Suite129) Scalar
func (c *Suite129) Scalar() kyber.Scalar
Create a Scalar associated with this curve. The scalars created by this package implement kyber.Scalar's SetBytes method, interpreting the bytes as a big-endian integer, so as to be compatible with the Go standard library's big.Int type.