Botan 3.5.0
Crypto and TLS for C&
Public Member Functions | Static Public Attributes | List of all members
Botan::KyberConstants Class Referencefinal

#include <kyber_constants.h>

Public Member Functions

size_t encapsulated_key_length () const
 
size_t estimated_strength () const
 
uint8_t eta1 () const
 
uint8_t eta2 () const
 
uint8_t k () const
 
 KyberConstants (const KyberConstants &other)
 
 KyberConstants (KyberConstants &&other)=default
 
 KyberConstants (KyberMode mode)
 
KyberMode mode () const
 
KyberConstantsoperator= (const KyberConstants &other)=delete
 
KyberConstantsoperator= (KyberConstants &&other)=default
 
size_t polynomial_compressed_bytes () const
 
size_t polynomial_vector_byte_length () const
 
size_t polynomial_vector_compressed_bytes () const
 
size_t private_key_byte_length () const
 
size_t public_key_byte_length () const
 
size_t shared_key_length () const
 
Kyber_Symmetric_Primitivessymmetric_primitives () const
 
 ~KyberConstants ()
 

Static Public Attributes

static constexpr size_t kPublicKeyHashLength = 32
 
static constexpr size_t kSeedLength = kSymBytes
 
static constexpr size_t kSerializedPolynomialByteLength = N / 2 * 3
 
static constexpr size_t kSymBytes = 32
 
static constexpr size_t kZLength = kSymBytes
 
static constexpr size_t N = 256
 
static constexpr size_t Q = 3329
 
static constexpr size_t Q_Inv = 62209
 
static constexpr int16_t zetas [128]
 
static constexpr int16_t zetas_inv [128]
 

Detailed Description

Definition at line 23 of file kyber_constants.h.

Constructor & Destructor Documentation

◆ KyberConstants() [1/3]

Botan::KyberConstants::KyberConstants ( KyberMode mode)

Definition at line 24 of file kyber_constants.cpp.

24 : m_mode(mode) {
25 switch(mode.mode()) {
26 case KyberMode::Kyber512_R3:
27 case KyberMode::Kyber512_90s:
28 m_nist_strength = 128;
29 m_k = 2;
30 m_eta1 = 3;
31 break;
32
33 case KyberMode::Kyber768_R3:
34 case KyberMode::Kyber768_90s:
35 m_nist_strength = 192;
36 m_k = 3;
37 m_eta1 = 2;
38 break;
39
40 case KyberMode::Kyber1024_R3:
41 case KyberMode::Kyber1024_90s:
42 m_nist_strength = 256;
43 m_k = 4;
44 m_eta1 = 2;
45 break;
46
47 default:
48 BOTAN_ASSERT_UNREACHABLE();
49 }
50
51#ifdef BOTAN_HAS_KYBER_90S
52 if(mode.is_kyber_round3() && mode.is_90s()) {
53 m_symmetric_primitives = std::make_unique<Kyber_90s_Symmetric_Primitives>();
54 }
55#endif
56
57#ifdef BOTAN_HAS_KYBER
58 if(mode.is_kyber_round3() && mode.is_modern()) {
59 m_symmetric_primitives = std::make_unique<Kyber_Modern_Symmetric_Primitives>();
60 }
61#endif
62
63 if(!m_symmetric_primitives) {
64 throw Not_Implemented("requested Kyber mode is not enabled in this build");
65 }
66}
BOTAN_ASSERT_UNREACHABLE
#define BOTAN_ASSERT_UNREACHABLE()
Definition assert.h:137
Botan::KyberConstants::mode
KyberMode mode() const
Definition kyber_constants.h:66
Botan::KyberMode::is_kyber_round3
bool is_kyber_round3() const
Definition kyber.cpp:112
Botan::KyberMode::is_modern
bool is_modern() const
Definition kyber.cpp:108
Botan::KyberMode::is_90s
bool is_90s() const
Definition kyber.cpp:104
Botan::KyberMode::mode
Mode mode() const
Definition kyber.h:56

References BOTAN_ASSERT_UNREACHABLE, Botan::KyberMode::is_90s(), Botan::KyberMode::is_kyber_round3(), Botan::KyberMode::is_modern(), Botan::KyberMode::Kyber1024_90s, Botan::KyberMode::Kyber1024_R3, Botan::KyberMode::Kyber512_90s, Botan::KyberMode::Kyber512_R3, Botan::KyberMode::Kyber768_90s, Botan::KyberMode::Kyber768_R3, mode(), and Botan::KyberMode::mode().

◆ ~KyberConstants()

Botan::KyberConstants::~KyberConstants ( )
default

◆ KyberConstants() [2/3]

Botan::KyberConstants::KyberConstants ( const KyberConstants & other)
inline

Definition at line 60 of file kyber_constants.h.

60: KyberConstants(other.m_mode) {}
Botan::KyberConstants::KyberConstants
KyberConstants(KyberMode mode)
Definition kyber_constants.cpp:24

◆ KyberConstants() [3/3]

Botan::KyberConstants::KyberConstants ( KyberConstants && other)
default

Member Function Documentation

◆ encapsulated_key_length()

size_t Botan::KyberConstants::encapsulated_key_length ( ) const
inline

Definition at line 84 of file kyber_constants.h.

84 {
85 return polynomial_vector_compressed_bytes() + polynomial_compressed_bytes();
86 }
Botan::KyberConstants::polynomial_vector_compressed_bytes
size_t polynomial_vector_compressed_bytes() const
Definition kyber_constants.h:78
Botan::KyberConstants::polynomial_compressed_bytes
size_t polynomial_compressed_bytes() const
Definition kyber_constants.h:80

References polynomial_compressed_bytes(), and polynomial_vector_compressed_bytes().

Referenced by Botan::Kyber_KEM_Decryptor_Base::encapsulated_key_length(), Botan::Kyber_KEM_Encryptor_Base::encapsulated_key_length(), and Botan::Ciphertext::to_bytes().

◆ estimated_strength()

size_t Botan::KyberConstants::estimated_strength ( ) const
inline

Definition at line 68 of file kyber_constants.h.

68{ return m_nist_strength; }

◆ eta1()

uint8_t Botan::KyberConstants::eta1 ( ) const
inline

Definition at line 72 of file kyber_constants.h.

72{ return m_eta1; }

Referenced by Botan::Polynomial::getnoise_eta1().

◆ eta2()

uint8_t Botan::KyberConstants::eta2 ( ) const
inline

Definition at line 74 of file kyber_constants.h.

74{ return 2; }

Referenced by Botan::Polynomial::getnoise_eta2().

◆ k()

uint8_t Botan::KyberConstants::k ( ) const
inline

Definition at line 70 of file kyber_constants.h.

70{ return m_k; }

Referenced by Botan::PolynomialVector::from_bytes(), Botan::PolynomialMatrix::generate(), Botan::PolynomialVector::getnoise_eta1(), Botan::PolynomialVector::getnoise_eta2(), Botan::Kyber_PublicKeyInternal::indcpa_encrypt(), and polynomial_vector_byte_length().

◆ mode()

KyberMode Botan::KyberConstants::mode ( ) const
inline

Definition at line 66 of file kyber_constants.h.

66{ return m_mode; }

Referenced by KyberConstants().

◆ operator=() [1/2]

KyberConstants & Botan::KyberConstants::operator= ( const KyberConstants & other)
delete

◆ operator=() [2/2]

KyberConstants & Botan::KyberConstants::operator= ( KyberConstants && other)
default

◆ polynomial_compressed_bytes()

size_t Botan::KyberConstants::polynomial_compressed_bytes ( ) const
inline

Definition at line 80 of file kyber_constants.h.

80{ return (m_k == 2 || m_k == 3) ? 128 : 160; }

Referenced by encapsulated_key_length(), Botan::Ciphertext::from_bytes(), and Botan::Ciphertext::to_bytes().

◆ polynomial_vector_byte_length()

size_t Botan::KyberConstants::polynomial_vector_byte_length ( ) const
inline

Definition at line 76 of file kyber_constants.h.

76{ return kSerializedPolynomialByteLength * k(); }
Botan::KyberConstants::kSerializedPolynomialByteLength
static constexpr size_t kSerializedPolynomialByteLength
Definition kyber_constants.h:51

References k(), and kSerializedPolynomialByteLength.

Referenced by Botan::PolynomialVector::from_bytes(), private_key_byte_length(), and public_key_byte_length().

◆ polynomial_vector_compressed_bytes()

size_t Botan::KyberConstants::polynomial_vector_compressed_bytes ( ) const
inline

Definition at line 78 of file kyber_constants.h.

78{ return (m_k == 2 || m_k == 3) ? m_k * 320 : m_k * 352; }

Referenced by encapsulated_key_length(), Botan::Ciphertext::from_bytes(), and Botan::Ciphertext::to_bytes().

◆ private_key_byte_length()

size_t Botan::KyberConstants::private_key_byte_length ( ) const
inline

Definition at line 90 of file kyber_constants.h.

90 {
91 return polynomial_vector_byte_length() + public_key_byte_length() + kPublicKeyHashLength + kZLength;
92 }
Botan::KyberConstants::kPublicKeyHashLength
static constexpr size_t kPublicKeyHashLength
Definition kyber_constants.h:52
Botan::KyberConstants::kZLength
static constexpr size_t kZLength
Definition kyber_constants.h:53
Botan::KyberConstants::public_key_byte_length
size_t public_key_byte_length() const
Definition kyber_constants.h:82
Botan::KyberConstants::polynomial_vector_byte_length
size_t polynomial_vector_byte_length() const
Definition kyber_constants.h:76

References kPublicKeyHashLength, kZLength, polynomial_vector_byte_length(), and public_key_byte_length().

◆ public_key_byte_length()

size_t Botan::KyberConstants::public_key_byte_length ( ) const
inline

Definition at line 82 of file kyber_constants.h.

82{ return polynomial_vector_byte_length() + kSeedLength; }
Botan::KyberConstants::kSeedLength
static constexpr size_t kSeedLength
Definition kyber_constants.h:50

References kSeedLength, and polynomial_vector_byte_length().

Referenced by private_key_byte_length().

◆ shared_key_length()

size_t Botan::KyberConstants::shared_key_length ( ) const
inline

Definition at line 88 of file kyber_constants.h.

88{ return 32; }

Referenced by Botan::Kyber_KEM_Decryptor_Base::raw_kem_shared_key_length(), and Botan::Kyber_KEM_Encryptor_Base::raw_kem_shared_key_length().

◆ symmetric_primitives()

Kyber_Symmetric_Primitives & Botan::KyberConstants::symmetric_primitives ( ) const
inline

Definition at line 94 of file kyber_constants.h.

94{ return *m_symmetric_primitives; }

Referenced by Botan::PolynomialMatrix::generate(), Botan::Polynomial::getnoise_eta1(), and Botan::Polynomial::getnoise_eta2().

Member Data Documentation

◆ kPublicKeyHashLength

size_t Botan::KyberConstants::kPublicKeyHashLength = 32
staticconstexpr

Definition at line 52 of file kyber_constants.h.

Referenced by Botan::Kyber_PrivateKey::Kyber_PrivateKey(), and private_key_byte_length().

◆ kSeedLength

size_t Botan::KyberConstants::kSeedLength = kSymBytes
staticconstexpr

Definition at line 50 of file kyber_constants.h.

Referenced by Botan::Kyber_PublicKey::initialize_from_encoding(), and public_key_byte_length().

◆ kSerializedPolynomialByteLength

size_t Botan::KyberConstants::kSerializedPolynomialByteLength = N / 2 * 3
staticconstexpr

Definition at line 51 of file kyber_constants.h.

Referenced by Botan::PolynomialVector::from_bytes(), polynomial_vector_byte_length(), and Botan::PolynomialVector::to_bytes().

◆ kSymBytes

size_t Botan::KyberConstants::kSymBytes = 32
staticconstexpr

Definition at line 49 of file kyber_constants.h.

Referenced by Botan::Kyber_KEM_Decryptor::decapsulate(), Botan::Kyber_KEM_Encryptor::encapsulate(), Botan::PolynomialMatrix::generate(), and Botan::Kyber_PrivateKey::Kyber_PrivateKey().

◆ kZLength

size_t Botan::KyberConstants::kZLength = kSymBytes
staticconstexpr

Definition at line 53 of file kyber_constants.h.

Referenced by Botan::Kyber_PrivateKey::Kyber_PrivateKey(), Botan::Kyber_PrivateKey::Kyber_PrivateKey(), and private_key_byte_length().

◆ N

size_t Botan::KyberConstants::N = 256
staticconstexpr

Definition at line 25 of file kyber_constants.h.

Referenced by Botan::Polynomial::from_message(), Botan::Polynomial::getnoise_eta1(), and Botan::Polynomial::getnoise_eta2().

◆ Q

size_t Botan::KyberConstants::Q = 3329
staticconstexpr

Definition at line 26 of file kyber_constants.h.

Referenced by Botan::Polynomial::csubq(), Botan::Polynomial::from_message(), Botan::Polynomial::sample_rej_uniform(), Botan::Polynomial::to_message(), and Botan::Polynomial::tomont().

◆ Q_Inv

size_t Botan::KyberConstants::Q_Inv = 62209
staticconstexpr

Definition at line 27 of file kyber_constants.h.

◆ zetas

int16_t Botan::KyberConstants::zetas[128]
staticconstexpr
Initial value:
= {
2285, 2571, 2970, 1812, 1493, 1422, 287, 202, 3158, 622, 1577, 182, 962, 2127, 1855, 1468,
573, 2004, 264, 383, 2500, 1458, 1727, 3199, 2648, 1017, 732, 608, 1787, 411, 3124, 1758,
1223, 652, 2777, 1015, 2036, 1491, 3047, 1785, 516, 3321, 3009, 2663, 1711, 2167, 126, 1469,
2476, 3239, 3058, 830, 107, 1908, 3082, 2378, 2931, 961, 1821, 2604, 448, 2264, 677, 2054,
2226, 430, 555, 843, 2078, 871, 1550, 105, 422, 587, 177, 3094, 3038, 2869, 1574, 1653,
3083, 778, 1159, 3182, 2552, 1483, 2727, 1119, 1739, 644, 2457, 349, 418, 329, 3173, 3254,
817, 1097, 603, 610, 1322, 2044, 1864, 384, 2114, 3193, 1218, 1994, 2455, 220, 2142, 1670,
2144, 1799, 2051, 794, 1819, 2475, 2459, 478, 3221, 3021, 996, 991, 958, 1869, 1522, 1628}

Definition at line 29 of file kyber_constants.h.

29 {
30 2285, 2571, 2970, 1812, 1493, 1422, 287, 202, 3158, 622, 1577, 182, 962, 2127, 1855, 1468,
31 573, 2004, 264, 383, 2500, 1458, 1727, 3199, 2648, 1017, 732, 608, 1787, 411, 3124, 1758,
32 1223, 652, 2777, 1015, 2036, 1491, 3047, 1785, 516, 3321, 3009, 2663, 1711, 2167, 126, 1469,
33 2476, 3239, 3058, 830, 107, 1908, 3082, 2378, 2931, 961, 1821, 2604, 448, 2264, 677, 2054,
34 2226, 430, 555, 843, 2078, 871, 1550, 105, 422, 587, 177, 3094, 3038, 2869, 1574, 1653,
35 3083, 778, 1159, 3182, 2552, 1483, 2727, 1119, 1739, 644, 2457, 349, 418, 329, 3173, 3254,
36 817, 1097, 603, 610, 1322, 2044, 1864, 384, 2114, 3193, 1218, 1994, 2455, 220, 2142, 1670,
37 2144, 1799, 2051, 794, 1819, 2475, 2459, 478, 3221, 3021, 996, 991, 958, 1869, 1522, 1628};

Referenced by Botan::Polynomial::basemul_montgomery(), and Botan::Polynomial::ntt().

◆ zetas_inv

int16_t Botan::KyberConstants::zetas_inv[128]
staticconstexpr
Initial value:
= {
1701, 1807, 1460, 2371, 2338, 2333, 308, 108, 2851, 870, 854, 1510, 2535, 1278, 1530, 1185,
1659, 1187, 3109, 874, 1335, 2111, 136, 1215, 2945, 1465, 1285, 2007, 2719, 2726, 2232, 2512,
75, 156, 3000, 2911, 2980, 872, 2685, 1590, 2210, 602, 1846, 777, 147, 2170, 2551, 246,
1676, 1755, 460, 291, 235, 3152, 2742, 2907, 3224, 1779, 2458, 1251, 2486, 2774, 2899, 1103,
1275, 2652, 1065, 2881, 725, 1508, 2368, 398, 951, 247, 1421, 3222, 2499, 271, 90, 853,
1860, 3203, 1162, 1618, 666, 320, 8, 2813, 1544, 282, 1838, 1293, 2314, 552, 2677, 2106,
1571, 205, 2918, 1542, 2721, 2597, 2312, 681, 130, 1602, 1871, 829, 2946, 3065, 1325, 2756,
1861, 1474, 1202, 2367, 3147, 1752, 2707, 171, 3127, 3042, 1907, 1836, 1517, 359, 758, 1441}

Definition at line 39 of file kyber_constants.h.

39 {
40 1701, 1807, 1460, 2371, 2338, 2333, 308, 108, 2851, 870, 854, 1510, 2535, 1278, 1530, 1185,
41 1659, 1187, 3109, 874, 1335, 2111, 136, 1215, 2945, 1465, 1285, 2007, 2719, 2726, 2232, 2512,
42 75, 156, 3000, 2911, 2980, 872, 2685, 1590, 2210, 602, 1846, 777, 147, 2170, 2551, 246,
43 1676, 1755, 460, 291, 235, 3152, 2742, 2907, 3224, 1779, 2458, 1251, 2486, 2774, 2899, 1103,
44 1275, 2652, 1065, 2881, 725, 1508, 2368, 398, 951, 247, 1421, 3222, 2499, 271, 90, 853,
45 1860, 3203, 1162, 1618, 666, 320, 8, 2813, 1544, 282, 1838, 1293, 2314, 552, 2677, 2106,
46 1571, 205, 2918, 1542, 2721, 2597, 2312, 681, 130, 1602, 1871, 829, 2946, 3065, 1325, 2756,
47 1861, 1474, 1202, 2367, 3147, 1752, 2707, 171, 3127, 3042, 1907, 1836, 1517, 359, 758, 1441};

Referenced by Botan::Polynomial::invntt_tomont().

The documentation for this class was generated from the following files:
Generated by doxygen 1.11.0