/*
* Copyright (c) 2012-2020 MIRACL UK Ltd.
*
* This file is part of MIRACL Core
* (see https://github.com/miracl/core).
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
/* Kyber API */
#ifndef KYBER_H
#define KYBER_H
#include "core.h"
//q= 3329
#define KY_LGN 8
#define KY_DEGREE (1 << KY_LGN)
#define KY_PRIME 0xD01
#define KY_ONE 0x549 // R mod Q
#define KY_QINV 62209 // q^(-1) mod 2^16
#define KYBER_SECRET_CPA_SIZE_512 (2*(KY_DEGREE*3)/2)
#define KYBER_PUBLIC_SIZE_512 (32+2*(KY_DEGREE*3)/2)
#define KYBER_CIPHERTEXT_SIZE_512 ((10*2+4)*KY_DEGREE/8)
#define KYBER_SECRET_CCA_SIZE_512 (KYBER_SECRET_CPA_SIZE_512+KYBER_PUBLIC_SIZE_512+64)
#define KYBER_SHARED_SECRET_512 32
#define KYBER_SECRET_CPA_SIZE_768 (3*(KY_DEGREE*3)/2)
#define KYBER_PUBLIC_SIZE_768 (32+3*(KY_DEGREE*3)/2)
#define KYBER_CIPHERTEXT_SIZE_768 ((10*3+4)*KY_DEGREE/8)
#define KYBER_SECRET_CCA_SIZE_768 (KYBER_SECRET_CPA_SIZE_768+KYBER_PUBLIC_SIZE_768+64)
#define KYBER_SHARED_SECRET_768 32
#define KYBER_SECRET_CPA_SIZE_1024 (4*(KY_DEGREE*3)/2)
#define KYBER_PUBLIC_SIZE_1024 (32+4*(KY_DEGREE*3)/2)
#define KYBER_CIPHERTEXT_SIZE_1024 ((11*4+5)*KY_DEGREE/8)
#define KYBER_SECRET_CCA_SIZE_1024 (KYBER_SECRET_CPA_SIZE_1024+KYBER_PUBLIC_SIZE_1024+64)
#define KYBER_SHARED_SECRET_1024 32
#define KY_MAXK 4
namespace core {
/** @brief Kyber KEM CCA key pair generation
*
@param r64 64 random bytes
@param SK secret key
@param PK public key
*/
extern void KYBER512_keypair(byte *r64,octet *SK,octet *PK);
/** @brief Kyber KEM CCA encrypt
*
@param r32 32 random bytes
@param PK public key
@param SS random session key generated
@param CT ciphertext
*/
extern void KYBER512_encrypt(byte *r32,octet *PK,octet *SS,octet *CT);
/** @brief Kyber KEM CCA decrypt
*
@param SK secret key
@param CT ciphertext
@param SS output session key
*/
extern void KYBER512_decrypt(octet *SK,octet *CT,octet *SS);
/** @brief Kyber KEM CCA key pair generation
*
@param r64 64 random bytes
@param SK secret key
@param PK public key
*/
extern void KYBER768_keypair(byte *r64,octet *SK,octet *PK);
/** @brief Kyber KEM CCA encrypt
*
@param r32 32 random bytes
@param PK public key
@param SS random session key generated
@param CT ciphertext
*/
extern void KYBER768_encrypt(byte *r32,octet *PK,octet *SS,octet *CT);
/** @brief Kyber KEM CCA decrypt
*
@param SK secret key
@param CT ciphertext
@param SS output session key
*/
extern void KYBER768_decrypt(octet *SK,octet *CT,octet *SS);
/** @brief Kyber KEM CCA key pair generation
*
@param r64 64 random bytes
@param SK secret key
@param PK public key
*/
extern void KYBER1024_keypair(byte *r64,octet *SK,octet *PK);
/** @brief Kyber KEM CCA encrypt
*
@param r32 32 random bytes
@param PK public key
@param SS random session key generated
@param CT ciphertext
*/
extern void KYBER1024_encrypt(byte *r32,octet *PK,octet *SS,octet *CT);
/** @brief Kyber KEM CCA decrypt
*
@param SK secret key
@param CT ciphertext
@param SS output session key
*/
extern void KYBER1024_decrypt(octet *SK,octet *CT,octet *SS);
}
#endif