Kyber#
The CRYSTALS-Kyber primitive.
Caution
Currently, crypto-condor uses test vectors for version 3.0 of Kyber, which is the latest release of the reference implementation. This version differs from the FIPS draft for ML-KEM. When the final is published, its test vectors will be integrated into crypto-condor.
Supported parameters#
Kyber has six parameter sets: these are supported and defined by Paramset
.
- enum crypto_condor.primitives.Kyber.Paramset(value)#
Available parameter sets.
- Member Type:
str
Valid values are as follows:
- KYBER512 = <Paramset.KYBER512: 'Kyber512'>#
- KYBER512_90s = <Paramset.KYBER512_90s: 'Kyber512-90s'>#
- KYBER768 = <Paramset.KYBER768: 'Kyber768'>#
- KYBER768_90s = <Paramset.KYBER768_90s: 'Kyber768-90s'>#
- KYBER1024 = <Paramset.KYBER1024: 'Kyber1024'>#
- KYBER1024_90s = <Paramset.KYBER1024_90s: 'Kyber1024-90s'>#
Test an encapsulation function#
- crypto_condor.primitives.Kyber.test_encapsulate(encapsulate, paramset)#
Tests encapsulation using NIST test vectors.
The generation of the shared secret is random, so we cannot simply compare the ciphertext returned by
encapsulate
with the test vector’s ciphertext. Instead, we callencapsulate
, then decapsulate the ciphertext with the internal decapsulation function, and compare the resulting shared secret with the one returned byencapsulate
. If they match, we consider it a pass.Attention
crypto-condor uses the reference C implementation of Kyber: it comes bundled with the package, but has to be compiled and installed locally. This is done automatically when the internal implementation is needed, but if the compilation fails this test cannot be run. You can report a problem by opening an issue.
- Parameters:
encapsulate (Encapsulate) – The function to test.
paramset (Paramset) – The parameter set to test the implementation on.
- Returns:
The results of testing the implementation, or None if the internal decapsulation function can’t run.
- Return type:
Results | None
Test a decapsulation function#
- crypto_condor.primitives.Kyber.test_decapsulate(decapsulate, paramset)#
Tests decapsulation with NIST test vectors.
Decapsulates a ciphertext with the given function and compares with the expected shared secret. The test passes if the secrets match.
- Parameters:
decapsulate (Decapsulate) – The function to test.
paramset (Paramset) – The parameter set to test the implementation on.
- Returns:
The results of testing the implementation.
- Return type:
Run a wrapper#
Note
Available wrappers are defined by Wrapper
.
- crypto_condor.primitives.Kyber.run_wrapper(language, parameter_set, run_encapsulate, run_decapsulate)#
Runs the corresponding wrapper.
- Parameters:
- Returns:
A dictionary of results, one result for encapsulation, one for decapsulation. The keys are
encap
anddecap
.- Return type:
Protocols#
- protocol crypto_condor.primitives.Kyber.Encapsulate#
Represents a function that encapsulates secrets with Kyber.
Classes that implement this protocol must have the following methods / attributes:
- __call__(public_key)#
Generates and encapsulates a shared secret.
- Parameters:
public_key (bytes) – The public key to encapsulate the secret with.
- Returns:
A tuple (ct, ss) containing the shared secret (ss) and ciphertext (ct).
- Return type:
tuple[bytes, bytes]
- protocol crypto_condor.primitives.Kyber.Decapsulate#
Represents a function that decapsulates secrets with Kyber.
Classes that implement this protocol must have the following methods / attributes:
- __call__(secret_key, ciphertext)#
Decapsulates a shared secret.
- Parameters:
secret_key (bytes) – The secret key to use.
ciphertext (bytes) – The encapsulated shared secret.
- Returns:
The decapsulated shared secret.
- Return type:
bytes