Add warnings about using Kyber.CPAPKE directly

bwesterb / draft-schwabe-cfrg-kyber

CFRG I-D for the Post-Quantum KEM Kyber

Other

7 stars 4 forks source link

Add warnings about using Kyber.CPAPKE directly #21

Closed bwesterb closed 2 years ago

jschanck commented 2 years ago

I would avoid defining the CPA PKE at all in this document. Specifically, I would inline CPAPKE_KeyGen and CPAPKE_Dec into KeyGen and Dec. I would then rename CPAPKE_Enc to something like InnerEnc and describe it as a helper function for code that is shared between Enc and Dec.

bwesterb commented 2 years ago

On the other hand, I think it's easier to implement something if you understand what it's doing. Specifically: it's helpful if an implementor can first implement and test the CPAPKE before moving on to Kyber proper.