It makes a little bit more sense to have GeneratePublicKey as a method
of PrivateKey. In this case the code doesn't need to check if the
caller-provided pointer is nil. The object was created by NewPrivateKey(),
so the code can assume the object was correctly initialized.
The old GeneratePublicKey was returning an error when the caller-provided
pointer was nil. As this possibility is now removed, the method doesn't
return an error anymore.

From/to bytes conversion will be refactored when p503 is introduced.
The patch splits the part that uses field-specific functions from the part
that converts an Fp element to bytes.
The patch also removes some testing helpers which are no longer needed.

Go 1.10 correctly translates the MOVQ pseudo-instruction to MOV. It was
fixed in:
7b773946c0
We don't expect this library to compile with versions older than Go 1.10.

* implements SIKE specified here:
http://www.sike.org/files/SIDH-spec.pdf
* methods for both - KEM and PKE - are added
* adds SIKE-specific key variant
* tests: known answer tests for SIKE
* uses cSHAKE from nobs-crypto
* tests: adds continuous integration
* Makefile has targets for running tests, benchmarks and code coverage. It also
contains a target for env preparation. In order to run sidh tests,
GOPATH must contain the p751toolbox package. I've chosen to manually
copy this package to the temporary GOPATH directory. It could also be done
by calling "go get", but then any commit to both p751toolbox and sidh would need
to be done in 2 steps.
* .travis.yml calls make and uploads code coverage to Codecov

* move sidh to a separate folder

* sidh: updates algorithm to SIDHv3 and refactoring
* makes the algorithm compatible with Microsoft's SIDHv3
implementation. This is required to implement the SIKE key
encapsulation mechanism, as specified in the PQC NIST submission
from Nov 30, 2017
* removes SIDHBobPublicKey/SIDHAlicePublicKey/SIDHBobPrivateKey/
SIDHAlicePrivateKey. Instead, PrivateKey and PublicKey structures
were introduced. Each of these structures stores the variant of a key,
A or B. The implementation uses the key variant in order to differentiate
between 2- and 3-torsion groups.
The main goal of removing "Alice"- and "Bob"-specific structures is to
remove code duplication
* Introduces SidhParams: a structure to store the prime field and SIDH
domain parameters.
* Refactors public API. Introduces:
- Functions to generate, import, export a keypair
- DeriveSecret function to create a shared secret
- Supporting functions and types
* Removes code which is not used by the implementation anymore, like
DistortAndDifference(), SecretPoint(), DblAdd(),
OkeyaSakuraiCoordinateRecovery() and many more. Tests for those
functions are also removed.
* Adds fixes for key import/export

- optimizations.md file removed.
- DblAdd function is now a method of ProjectivePoint and ProjectivePrimeFieldPoint.
- A better (re)utilization of variables inside of the DblAdd method.
- The reflect package is not required anymore in p751toolbox/print.go.

Use "shared secret" instead of "key agreement" to point out that there's no hashing, key derivation, etc. going on.
Measure the keypair generation (including random sampling) in the "fast" benchmarks.
A later revision of the CLN paper uses the Montgomery relation to recover the a
value from the three x-coordinates in the public key, saving its transmission.
This patch improves slightly over the description in the paper, by
projectivizing the computation of the first four-isogeny; this means that it's
not necessary to perform an inversion to get the affine a value.
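The recovery of the curve coefficient a from the three x-coordinates x(P), x(Q), x(P-Q) mentioned in the last commit, as an added worked example that is not code from this library or its authors. It uses the get_A relation from the SIDH specification over a toy prime field F_431 (the library itself works over F_{p^2} with a much larger p); the helpers on_curve, add, get_a and demo are constructed for this example.

```python
# Added example: recover the Montgomery coefficient A from x(P), x(Q), x(P-Q).
# Toy prime field F_431 (431 = 2^4 * 3^3 - 1, SIDH-shaped); constructed example.
P_MOD = 431

def inv(a, p=P_MOD):
    """Modular inverse via Fermat's little theorem (p is prime)."""
    return pow(a % p, p - 2, p)

def on_curve(A, x, y, p=P_MOD):
    """True if (x, y) lies on the Montgomery curve y^2 = x^3 + A*x^2 + x."""
    return (y * y - (x * x * x + A * x * x + x)) % p == 0

def add(A, P1, P2, p=P_MOD):
    """Affine Montgomery addition (B = 1); requires x(P1) != x(P2)."""
    (x1, y1), (x2, y2) = P1, P2
    lam = (y2 - y1) * inv(x2 - x1, p) % p
    x3 = (lam * lam - A - x1 - x2) % p
    y3 = (lam * (x1 - x3) - y1) % p
    return x3, y3

def get_a(xP, xQ, xR, p=P_MOD):
    """get_A from the SIDH spec, written with the elementary symmetric
    polynomials e1, e2, e3 of xP, xQ, xR where R = P - Q:
    A = (1 - e2)^2 / (4*e3) - e1.  Needs all three x-coordinates nonzero."""
    e1 = (xP + xQ + xR) % p
    e2 = (xP * xQ + xP * xR + xQ * xR) % p
    e3 = (xP * xQ * xR) % p
    t = (1 - e2) % p
    return (t * t * inv(4 * e3, p) - e1) % p

def demo(A, p=P_MOD):
    """Enumerate points on the curve, pick P and Q, compute R = P - Q and
    recover A from the three x-coordinates alone (as a receiver would)."""
    pts = [(x, y) for x in range(1, p) for y in range(p) if on_curve(A, x, y, p)]
    for Pt in pts:
        for Qt in pts:
            if Qt[0] == Pt[0]:
                continue  # affine addition needs distinct x-coordinates
            Rt = add(A, Pt, (Qt[0], (-Qt[1]) % p), p)  # R = P + (-Q) = P - Q
            if Rt[0] != 0:  # x = 0 is the 2-torsion point; get_a divides by xR
                return get_a(Pt[0], Qt[0], Rt[0], p)
    raise ValueError("no usable point triple found")
```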