Adding new public key KEM API
NIIBE Yutaka
gniibe at fsij.org
Tue Oct 17 08:27:41 CEST 2023
Hello,
We now have two sets of patches for PQC.
- Simon Josefsson's second version of the sntrup761 patch
- Falko Strenzke's patch for ML-KEM
For the next new release of libgcrypt, I'd like to add a new API for Key
Encapsulation Mechanism in libgcrypt. What I intend is a lower-level API
(instead of a higher-level API with S-expressions), just like Simon
suggested. (If needed, an S-expression based API can be
added later.)
What I'm testing now is the following:

gcry_error_t gcry_kem_keypair (int algo, const void *context,
                               void *pubkey,
                               void *seckey);

gcry_error_t gcry_kem_encap (int algo, const void *context,
                             const void *pubkey,
                             void *ciphertext,
                             void *shared_secret);

gcry_error_t gcry_kem_decap (int algo, const void *context,
                             const void *seckey,
                             const void *ciphertext,
                             void *shared_secret);

That is, renaming the functions and adding CONTEXT to Simon's proposal.
In this API, the formats of CONTEXT, PUBKEY, SECKEY, CIPHERTEXT, and
SHARED_SECRET are defined by ALGO. (In most cases, it's a
fixed-length byte string.)
I'd like to cover NTRU Prime, Kyber, and ECDH KEM in hybrid PQC.
I'm not sure if ECDH in OpenPGP (of RFC 6637) will be covered by this
API. Perhaps gcry_ecc_mul_point will be deprecated in favor of the
new KEM API.
This development is tracked by:
https://dev.gnupg.org/T6755
Attached is modified version of Simon's t-kem.c, which works for me
(with NTRU Prime and Kyber).
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: t-kem.c
Type: text/x-csrc
Size: 6050 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gcrypt-devel/attachments/20231017/cf750652/attachment.c>