Botan 2.19.1
Crypto and TLS for C&
newhope.h
Go to the documentation of this file.
1/*
2* NEWHOPE Ring-LWE scheme
3* Based on the public domain reference implementation by the
4* designers (https://github.com/tpoeppelmann/newhope)
5*
6* Further changes
7* (C) 2016 Jack Lloyd
8*
9* Botan is released under the Simplified BSD License (see license.txt)
10*/
11
12#ifndef BOTAN_NEWHOPE_H_
13#define BOTAN_NEWHOPE_H_
14
15#include <botan/types.h>
16
17namespace Botan {
18
19class RandomNumberGenerator;
20
21/*
22* WARNING: This API is preliminary and will change
23* Currently pubkey.h does not support a 2-phase KEM scheme of
24* the sort NEWHOPE exports.
25*/
26
27// TODO: change to just a secure_vector
29 {
30 public:
31 uint16_t coeffs[1024];
33 };
34
36 {
39
43
46
50 };
51
52/**
53* This chooses the XOF + hash for NewHope
54* The official NewHope specification and reference implementation use
55* SHA-3 and SHAKE-128. BoringSSL instead uses SHA-256 and AES-128 in
56* CTR mode. CECPQ1 (x25519+NewHope) always uses BoringSSL's mode
57*/
58enum class Newhope_Mode
59 {
60 SHA3,
62 };
63
64// offer
66 newhope_poly* sk,
69
70// accept
72 uint8_t send[],
73 const uint8_t* received,
75 Newhope_Mode mode = Newhope_Mode::SHA3);
76
77// finish
79 const newhope_poly* ska,
80 const uint8_t* received,
81 Newhope_Mode mode = Newhope_Mode::SHA3);
82
83}
84
85#endif
int(* final)(unsigned char *, CTX *)
#define BOTAN_PUBLIC_API(maj, min)
Definition: compiler.h:31
#define BOTAN_UNSTABLE_API
Definition: compiler.h:44
Definition: alg_id.cpp:13
Newhope_Mode
Definition: newhope.h:59
Newhope_Params
Definition: newhope.h:36
@ NEWHOPE_SHARED_KEY_BYTES
Definition: newhope.h:42
@ NEWHOPE_SENDABYTES
Definition: newhope.h:37
@ CECPQ1_ACCEPT_BYTES
Definition: newhope.h:48
@ NEWHOPE_POLY_BYTES
Definition: newhope.h:45
@ NEWHOPE_SENDBBYTES
Definition: newhope.h:38
@ CECPQ1_SHARED_KEY_BYTES
Definition: newhope.h:49
@ CECPQ1_OFFER_BYTES
Definition: newhope.h:47
@ NEWHOPE_OFFER_BYTES
Definition: newhope.h:40
@ NEWHOPE_SEED_BYTES
Definition: newhope.h:44
@ NEWHOPE_ACCEPT_BYTES
Definition: newhope.h:41
void newhope_shareda(uint8_t sharedkey[], const poly *sk, const uint8_t received[], Newhope_Mode mode)
Definition: newhope.cpp:779
void newhope_sharedb(uint8_t *sharedkey, uint8_t *send, const uint8_t *received, RandomNumberGenerator &rng, Newhope_Mode mode)
Definition: newhope.cpp:742
void newhope_keygen(uint8_t *send, poly *sk, RandomNumberGenerator &rng, Newhope_Mode mode)
Definition: newhope.cpp:720