This is a code organization and code migration task. We wish to migrate all the cryptography code that is inside this katzenpost monorepo into a new cryptography repo which for the time being we are calling hpqc - hybrid post quantum cryptography.
Much of this code migration is straight forward and requires very very minimal code changes and import path changes. However there are various cryptographic packages lurking outside of core/crypto package. I'll be fishing out ALL the cryptography and organizing it into a new hierarchy.
Besides code migration of existing modules/packages, we also need to write wrappers for the basics like hash functions, stream cipher, aead etc.
This task has 3 main goals:
we never call cryptography libraries directly from the katzenpost monorepo, but always use hpqc for every cryptographic operation; this ensures that all the cryptography mistakes happen inside hpqc instead of being spread out over many hierarchies throughout the katzenpost monorepo. it focuses all the cryptography in one place.
provide a reusable cryptography library that other golang projects can use
maintain pq cryptographic primitives that are not currently being maintained in a timely manner
We'll have some unique features in this cryptography library that are somewhat innovative and very useful such as:
generic NIKE interface
security preserving KEM combiner
hybrid post quantum constructions where ever it is possible to compose them
primarily pure golang but optional C bindings to allow for a greater set of primitives
KAT and sage based tests, test vectors, multi-architecture testing infrastructure, automated CI testing
CTIDH + X25519 double ratchet
PQ Sphinx - many param sets possible
There's also the idea that we are now maintaining a fork of Yawning's nyquist, the only PQ Noise implementation in the world. Our nyquist fork has it's own repo which is convenient for pulling upstream. But I think it's an advantage to lift nyquist into the hpqc repo in order to quickly and easily make code changes; namely making it NOT depend on circl... in fact, ALL the cryptography primitives that nyquist uses should be primitives that are wrapped in hpqc.
david415
commented
2 months ago
This is a code organization and code migration task. We wish to migrate all the cryptography code that is inside this katzenpost monorepo into a new cryptography repo which for the time being we are calling hpqc - hybrid post quantum cryptography.
Much of this code migration is straight forward and requires very very minimal code changes and import path changes. However there are various cryptographic packages lurking outside of core/crypto package. I'll be fishing out ALL the cryptography and organizing it into a new hierarchy.
Besides code migration of existing modules/packages, we also need to write wrappers for the basics like hash functions, stream cipher, aead etc.
This task has 3 main goals:
We'll have some unique features in this cryptography library that are somewhat innovative and very useful such as:
There's also the idea that we are now maintaining a fork of Yawning's nyquist, the only PQ Noise implementation in the world. Our nyquist fork has it's own repo which is convenient for pulling upstream. But I think it's an advantage to lift nyquist into the hpqc repo in order to quickly and easily make code changes; namely making it NOT depend on circl... in fact, ALL the cryptography primitives that nyquist uses should be primitives that are wrapped in hpqc.