dedis/kyber, a golang implementation of Kyber crypto lib (NOTE this is not to be confused with the pq-crystals Kyber PQ KEM) https://github.com/dedis/kyber
Noémien Kocher
199132f0c1
Merge pull request #457 from dedis/feature/neff-shuffle-sequences
|
10 months ago | |
|---|---|---|
| .github | 10 months ago | |
| docs | 1 year ago | |
| encrypt | 3 years ago | |
| examples | 10 months ago | |
| group | 1 year ago | |
| pairing | 1 year ago | |
| proof | 3 years ago | |
| share | 1 year ago | |
| shuffle | 10 months ago | |
| sign | 3 years ago | |
| suites | 3 years ago | |
| util | 3 years ago | |
| xof | 3 years ago | |
| .gitattributes | 4 years ago | |
| .gitignore | 3 years ago | |
| .golangci.yml | 10 months ago | |
| LICENSE | 6 years ago | |
| Makefile | 10 months ago | |
| README.md | 1 year ago | |
| doc.go | 4 years ago | |
| encoding.go | 4 years ago | |
| go.mod | 3 years ago | |
| go.sum | 1 year ago | |
| group.go | 4 years ago | |
| hash.go | 5 years ago | |
| random.go | 5 years ago | |
| xof.go | 5 years ago |
README.md
DEDIS Advanced Crypto Library for Go
This package provides a toolbox of advanced cryptographic primitives for Go, targeting applications like Cothority that need more than straightforward signing and encryption. Please see the Godoc documentation for this package for details on the library's purpose and API functionality.
This package includes a mix of variable time and constant time
implementations. If your application is sensitive to timing-based attacks
and you need to constrain Kyber to offering only constant time implementations,
you should use the suites.RequireConstantTime()
function in the init() function of your main package.
Versioning - Development
We use the following versioning model:
- crypto.v0 was the first semi-stable version. See migration notes.
- kyber.v1 never existed, in order to keep kyber, onet and cothorithy versions linked
- gopkg.in/dedis/kyber.v2 was the last stable version
- Starting with v3.0.0, kyber is a Go module, and we respect semantic versioning.
So if you depend on the master branch, you can expect breakages from time
to time. If you need something that doesn't change in a backward-compatible
way you should use have a go.mod file in the directory where your
main package is.
Using the module
Kyber supports Go modules, and currently has a major version of 3, which means that
the import path is: go.dedis.ch/kyber/v3.
Here is a basic example of getting started using it:
Make a new directory called “ex". Change directory to “ex" and put this in main.go:
package main import ( "fmt" "go.dedis.ch/kyber/v3/suites" ) func main() { s := suites.MustFind("Ed25519") x := s.Scalar().Zero() fmt.Println(x) }Type “go mod init example.com/ex”. The resulting go.mod file will have no dependencies listed yet.
Type “go build”. The go tool will fill in the new dependencies that it find for you, i.e. "require go.dedis.ch/kyber/v3 v3.0.13”.
Running
./exwill print0000000000000000000000000000000000000000000000000000000000000000.
A note on deriving shared secrets
Traditionally, ECDH (Elliptic curve Diffie-Hellman) derives the shared secret from the x point only. In this framework, you can either manually retrieve the value or use the MarshalBinary method to take the combined (x, y) value as the shared secret. We recommend the latter process for new softare/protocols using this framework as it is cleaner and generalizes across different types of groups (e.g., both integer and elliptic curves), although it will likely be incompatible with other implementations of ECDH. See the Wikipedia page on ECDH.
Reporting security problems
This library is offered as-is, and without a guarantee. It will need an independent security review before it should be considered ready for use in security-critical applications. If you integrate Kyber into your application it is YOUR RESPONSIBILITY to arrange for that audit.
If you notice a possible security problem, please report it to dedis-security@epfl.ch.