dedis / kyber

Advanced crypto library for the Go language
Other
644 stars 168 forks source link
crypto-library elliptic-curves go

Go test Coverage Status Quality Gate Status Go Reference

DEDIS Advanced Crypto Library for Go

This package provides a toolbox of advanced cryptographic primitives for Go, targeting applications like Cothority that need more than straightforward signing and encryption. Please see the Godoc documentation for this package for details on the library's purpose and API functionality.

This package includes a mix of variable time and constant time implementations. If your application is sensitive to timing-based attacks and you need to constrain Kyber to offering only constant time implementations, you should use the suites.RequireConstantTime() function in the init() function of your main package.

Target Audience

This library is intended to be used by developers who are at least moderately knowledgeable about cryptography. If you want a crypto library that makes it easy to implement "basic crypto" functionality correctly - i.e., plain public-key encryption and signing - then NaCl secretbox may be a better choice. Or use Google's Tink

This toolkit's purpose is to make it possible - and preferably easy - to do slightly more interesting things that most current crypto libraries don't support effectively. The one existing crypto library that this toolkit is probably most comparable to is the Charm rapid prototyping library for Python.

Versioning - Development

We use the following versioning model:

So if you depend on the master branch, you can expect breakages from time to time. If you need something that doesn't change in a backward-compatible way you should use have a go.mod file in the directory where your main package is.

Using the module

Kyber supports Go modules, and currently has a major version of 3, which means that the import path is: go.dedis.ch/kyber/v4.

Here is a basic example of getting started using it:

  1. Make a new directory called “ex". Change directory to “ex" and put this in main.go:
    
    package main

import ( "fmt" "go.dedis.ch/kyber/v4/suites" )

func main() { s := suites.MustFind("Ed25519") x := s.Scalar().Zero() fmt.Println(x) }


2. Type “go mod init example.com/ex”. The resulting go.mod file will have no dependencies listed yet.
3. Type “go build”. The go tool will fill in the new dependencies that it find for you, i.e. "require go.dedis.ch/kyber/v4 v3.0.13”.
4. Running `./ex` will print `0000000000000000000000000000000000000000000000000000000000000000`.

A note on deriving shared secrets
---------------------------------

Traditionally, ECDH (Elliptic curve Diffie-Hellman) derives the shared secret
from the x point only. In this framework, you can either manually retrieve the
value or use the MarshalBinary method to take the combined (x, y) value as the
shared secret. We recommend the latter process for new softare/protocols using
this framework as it is cleaner and generalizes across different types of groups
(e.g., both integer and elliptic curves), although it will likely be
incompatible with other implementations of ECDH. See [the Wikipedia
page](http://en.wikipedia.org/wiki/Elliptic_curve_Diffie%E2%80%93Hellman) on
ECDH.

Reporting security problems
---------------------------

This library is offered as-is, and without a guarantee. It will need an
independent security review before it should be considered ready for use in
security-critical applications. If you integrate Kyber into your application it
is YOUR RESPONSIBILITY to arrange for that audit.

If you notice a possible security problem, please report it
to dedis-security@epfl.ch.