Botan 3.10.0
Crypto and TLS for C&
kyber_constants.cpp
Go to the documentation of this file.
1/*
2 * Crystals Kyber Constants
3 *
4 * (C) 2021-2024 Jack Lloyd
5 * (C) 2021-2022 Manuel Glaser and Michael Boric, Rohde & Schwarz Cybersecurity
6 * (C) 2021-2022 René Meusel and Hannes Rantzsch, neXenio GmbH
7 * (C) 2024 René Meusel, Rohde & Schwarz Cybersecurity
8 *
9 * Botan is released under the Simplified BSD License (see license.txt)
10 */
11
12#include <botan/internal/kyber_constants.h>
13
14#include <botan/internal/pqcrystals_helpers.h>
15
16#if defined(BOTAN_HAS_KYBER)
17 #include <botan/internal/kyber_modern.h>
18#endif
19
20#if defined(BOTAN_HAS_KYBER_90S)
21 #include <botan/internal/kyber_90s.h>
22#endif
23
24#if defined(BOTAN_HAS_ML_KEM)
25 #include <botan/internal/ml_kem_impl.h>
26#endif
27
28namespace Botan {
29
30KyberConstants::KyberConstants(KyberMode mode) : m_mode(mode) {
31 switch(mode.mode()) {
32 case KyberMode::Kyber512_R3:
33 case KyberMode::Kyber512_90s:
34 case KyberMode::ML_KEM_512:
35 m_nist_strength = KyberStrength::_128;
36 m_k = 2;
37 m_eta1 = KyberEta::_3;
38 m_du = KyberDu::_10;
39 m_dv = KyberDv::_4;
40 break;
41
42 case KyberMode::Kyber768_R3:
43 case KyberMode::Kyber768_90s:
44 case KyberMode::ML_KEM_768:
45 m_nist_strength = KyberStrength::_192;
46 m_k = 3;
47 m_eta1 = KyberEta::_2;
48 m_du = KyberDu::_10;
49 m_dv = KyberDv::_4;
50 break;
51
52 case KyberMode::Kyber1024_R3:
53 case KyberMode::Kyber1024_90s:
54 case KyberMode::ML_KEM_1024:
55 m_nist_strength = KyberStrength::_256;
56 m_k = 4;
57 m_eta1 = KyberEta::_2;
58 m_du = KyberDu::_11;
59 m_dv = KyberDv::_5;
60 break;
61
62 default:
63 BOTAN_ASSERT_UNREACHABLE();
64 }
65
66#ifdef BOTAN_HAS_KYBER_90S
67 if(mode.is_kyber_round3() && mode.is_90s()) {
68 m_symmetric_primitives = std::make_unique<Kyber_90s_Symmetric_Primitives>();
69 }
70#endif
71
72#ifdef BOTAN_HAS_KYBER
73 if(mode.is_kyber_round3() && mode.is_modern()) {
74 m_symmetric_primitives = std::make_unique<Kyber_Modern_Symmetric_Primitives>();
75 }
76#endif
77
78#ifdef BOTAN_HAS_ML_KEM
79 if(mode.is_ml_kem()) {
80 m_symmetric_primitives = std::make_unique<ML_KEM_Symmetric_Primitives>();
81 }
82#endif
83
84 static_assert(N % 8 == 0);
85 m_polynomial_vector_bytes = (bitlen(Q) * (N / 8)) * k();
86 m_polynomial_vector_compressed_bytes = d_u() * k() * (N / 8);
87 m_polynomial_compressed_bytes = d_v() * (N / 8);
88 m_expanded_private_key_bytes =
89 static_cast<uint32_t>(m_polynomial_vector_bytes + public_key_bytes() + PUBLIC_KEY_HASH_BYTES + SEED_BYTES);
90 m_seed_private_key_bytes = 2 * SEED_BYTES;
91
92 if(!m_symmetric_primitives) {
93 throw Not_Implemented("requested Kyber mode is not enabled in this build");
94 }
95}
96
97KyberConstants::~KyberConstants() = default;
98
99} // namespace Botan
Botan::KyberConstants::N
static constexpr T N
number of coefficients in a polynomial
Definition kyber_constants.h:28
Botan::KyberConstants::Q
static constexpr T Q
modulus
Definition kyber_constants.h:31
Botan::KyberConstants::SEED_BYTES
static constexpr size_t SEED_BYTES
Definition kyber_constants.h:43
Botan::KyberConstants::public_key_bytes
size_t public_key_bytes() const
byte length of an encoded public key
Definition kyber_constants.h:115
Botan::KyberConstants::KyberConstants
KyberConstants(KyberMode mode)
Definition kyber_constants.cpp:30
Botan::KyberConstants::mode
KyberMode mode() const
Definition kyber_constants.h:74
Botan::KyberConstants::PUBLIC_KEY_HASH_BYTES
static constexpr size_t PUBLIC_KEY_HASH_BYTES
Definition kyber_constants.h:44
Botan::Not_Implemented
Definition exceptn.h:334
BOTAN_HAS_KYBER_90S
#define BOTAN_HAS_KYBER_90S
Definition build.h:230
BOTAN_HAS_ML_KEM
#define BOTAN_HAS_ML_KEM
Definition build.h:241
BOTAN_HAS_KYBER
#define BOTAN_HAS_KYBER
Definition build.h:229
Botan::bitlen
constexpr auto bitlen(size_t x)
Definition pqcrystals_helpers.h:101
Generated by doxygen 1.15.0