caac02a77b
2/2 Added vendor/ dir to lock down dependent pkg versions. The author of git.schwanenlied.me/yawning/{chacha20,newhope,kyber}.git has copied their repos to gitlab.com/yawning/ but some imports of chacha20 from newhope still inconsistently refer to git.schwanenlied.me/, breaking build. Licenses for chacha20 also changed from CC0 to AGPL, which may or may not be an issue. Until the two aforementioned issues are resolved, locking to last-good versions is probably the best way forward for now. To build with vendored deps, use make VENDOR=1 clean all
.gitignore
LICENSE
README.md
cbd.go
doc.go
hwaccel.go
hwaccel_amd64.go
hwaccel_amd64.s
hwaccel_ref.go
indcpa.go
kem.go
kex.go
ntt.go
params.go
poly.go
polyvec.go
precomp.go
reduce.go
README.md
Kyber - IND-CCA2-secure Key Encapsulation Mechanism
Yawning Angel (yawning at schwanenlied dot me)
This package implements the Kyber IND-CCA2-secure key encapsulation mechanism (KEM), based on the hardness of solving the learning-with-errors (LWE) problem over module lattices as submitted to the NIST Post-Quantum Cryptography project.
This implementation is a port of the Public Domain reference implementation by Joppe Bos, Léo Ducas, Eike Kiltz, Tancrède Lepoint, Vadim Lyubashevsky, John Schanck, Peter Schwabe, Gregor Seiler, and Damien Stehlé.
Additionally, implementations of Kyber.AKE and Kyber.UAKE as presented in the Kyber paper are included for users who seek an authenticated key exchange.
Note that the algorithm is not finalized yet, and may change in a backward-incompatible manner in the future. The designers currently recommend combining Kyber with an established pre-quantum algorithm like ECDH, and using the Kyber-768 parameter set.
For more information, see the project home page.