README
¶
FrodoKEM in Golang
Golang implementation of FrodoKEM: a Practical quantum-secure key encapsulation from generic lattices (https://frodokem.org). This implementation passes all KAT tests from the reference specification for all defined key sizes (640 / 976 / 1344) and variants (AES / SHAKE).
API
There is a demo app that uses every method in the API. i.e. methods for listing variants, for creating key pairs,
encapsulating & dencapsulating kems, auxiliary methods reporting cipher-text length, key-length, variant name, etc.
You can find it here: demo.go. The built binary will be placed in bin/demo (use make build to
generate it).
You can also read the documentation using go doc -all in this package, or look at impl.go and
types.go.
Complete usage Snippet:
import frodo "github.com/kuking/go-frodokem"
kem := frodo.Frodo640AES()
pk, sk := kem.Keygen() // public-key, secret-key
ct, ssEnc, _ := kem.Encapsulate(pk) // cipher-text, shared-secret
ssDec, _ := kem.Dencapsulate(sk, ct) // recovered shared-secret
// ssEnc == ssDec
For a full key agreement example, see agreement_test.go.
Note on Concurrency
This library is stateless. A FrodoKEM struct (as returned by i.e. frodo.Frodo640AES()) can be used concurrently.
Keys are immutable []byte and they can be shared between concurrent goroutines.
Author
Eduardo E.S. Riccardi, you can contact me via linkedin, or you could find my email address here.
Releases
v1.0.2 - 12 November 2021 - Updated XZ dependency version (only used in tests)
v1.0.1 - 25 June 2020 - Fixed a possible timing attack #2
v1.0.0 - 10 June 2020 - Feature complete.
Pending
- implement optimisations with SIMD instructions
Documentation
¶
Index ¶
- type FrodoKEM
- func (k *FrodoKEM) CipherTextLen() int
- func (k *FrodoKEM) Dencapsulate(sk []uint8, ct []uint8) (ssDec []uint8, err error)
- func (k *FrodoKEM) Encapsulate(pk []uint8) (ct []uint8, ssEnc []uint8, err error)
- func (k *FrodoKEM) Keygen() (pk []uint8, sk []uint8)
- func (k *FrodoKEM) Name() string
- func (k *FrodoKEM) OverrideRng(newRng func([]byte))
- func (k *FrodoKEM) PublicKeyLen() int
- func (k *FrodoKEM) SecretKeyLen() int
- func (k *FrodoKEM) SharedSecretLen() int
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
This section is empty.
Types ¶
type FrodoKEM ¶
type FrodoKEM struct {
// contains filtered or unexported fields
}
func Frodo1344AES ¶
func Frodo1344AES() (f FrodoKEM)
Returns a new FrodoKEM 1344 AES variant (Generates 256 bits of secret)
func Frodo1344SHAKE ¶
func Frodo1344SHAKE() (f FrodoKEM)
Returns a new FrodoKEM 1344 SHAKE variant (Generates 256 bits of secret)
func Frodo640AES ¶
func Frodo640AES() (f FrodoKEM)
Returns a new FrodoKEM 640 AES variant (Generates 128 bits of secret)
func Frodo640SHAKE ¶
func Frodo640SHAKE() (f FrodoKEM)
Returns a new FrodoKEM 640 SHAKE variant (Generates 128 bits of secret)
func Frodo976AES ¶
func Frodo976AES() (f FrodoKEM)
Returns a new FrodoKEM 976 AES variant (Generates 192 bits of secret)
func Frodo976SHAKE ¶
func Frodo976SHAKE() (f FrodoKEM)
Returns a new FrodoKEM 976 SHAKE variant (Generates 192 bits of secret)
func (*FrodoKEM) CipherTextLen ¶
Returns the cipher-text length (in bytes) encapsulating the shared secret for this variant
func (*FrodoKEM) Dencapsulate ¶
Returns the shared secret by using the provided cipher-text and secret-key
func (*FrodoKEM) Encapsulate ¶
Generate a KEM returning the cipher-text and shared-secret
func (*FrodoKEM) OverrideRng ¶
Overrides the default random number generator (crypto/rand)
func (*FrodoKEM) PublicKeyLen ¶
Returns the public key length (in bytes) for this variant
func (*FrodoKEM) SecretKeyLen ¶
Returns the secret key length (in bytes) for this variant
func (*FrodoKEM) SharedSecretLen ¶
Returns the shared secret (in bytes) this variant generates
Source Files
Directories