author | fstrenzke <[email protected]> | 2014-12-06 15:22:46 +0000 |
---|---|---|
committer | lloyd <[email protected]> | 2014-12-06 15:22:46 +0000 |
commit | 6082d3937f842ecebf0cb208b27a366917af0876 (patch) | |
tree | 04470173e6f69de12fafd0aec07a7c05bd08b6dd /src/lib | |
parent | 8a166c6a74e8818442fefcc452fdcf7752a0f239 (diff) |
Add KEM scheme for McEliece
Diffstat (limited to 'src/lib')
-rw-r--r-- | src/lib/pubkey/mce/info.txt | 1 | ||||
-rw-r--r-- | src/lib/pubkey/mce/mce_kem.cpp | 65 | ||||
-rw-r--r-- | src/lib/pubkey/mce/mce_kem.h | 45 |
3 files changed, 111 insertions, 0 deletions
diff --git a/src/lib/pubkey/mce/info.txt b/src/lib/pubkey/mce/info.txt
index 6c0da2199..bc4249422 100644
--- a/src/lib/pubkey/mce/info.txt
+++ b/src/lib/pubkey/mce/info.txt
@@ -6,6 +6,7 @@ gf2m_rootfind_dcmp.h
 gf2m_small_m.h
 goppa_code.h
 mce_overbeck_cca2.h
+mce_kem.h
 mceliece.h
 mceliece_key.h
 polyn_gf2m.h
diff --git a/src/lib/pubkey/mce/mce_kem.cpp b/src/lib/pubkey/mce/mce_kem.cpp
new file mode 100644
index 000000000..31dc2cfe2
--- /dev/null
+++ b/src/lib/pubkey/mce/mce_kem.cpp
@@ -0,0 +1,65 @@
+/**
+ * (C) 2014 cryptosource GmbH
+ * (C) 2014 Falko Strenzke [email protected]
+ *
+ * Distributed under the terms of the Botan license
+ *
+ */
+
+#include <botan/mce_kem.h>
+#include <botan/sha2_64.h>
+
+namespace Botan {
+
+McEliece_KEM_Encryptor::McEliece_KEM_Encryptor(const McEliece_PublicKey& public_key) :
+ m_raw_pub_op(public_key, public_key.get_code_length())
+ {
+ }
+
+std::pair<secure_vector<byte>, secure_vector<byte>>
+McEliece_KEM_Encryptor::encrypt(RandomNumberGenerator& rng)
+ {
+ const McEliece_PublicKey& key = m_raw_pub_op.get_key();
+ secure_vector<Botan::byte> plaintext((key.get_message_word_bit_length()+7)/8);
+ rng.randomize(&plaintext[0], plaintext.size() );
+
+ // unset unused bits in the last plaintext byte
+ u32bit used = key.get_message_word_bit_length() % 8;
+ if(used)
+ {
+ byte mask = (1 << used) - 1;
+ plaintext[plaintext.size() - 1] &= mask;
+ }
+
+ secure_vector<gf2m> err_pos = create_random_error_positions(key.get_code_length(), key.get_t(), rng);
+
+ mceliece_message_parts parts(err_pos, plaintext, key.get_code_length());
+ secure_vector<Botan::byte> message_and_error_input = parts.get_concat();
+
+ SHA_512 hash;
+ hash.update(message_and_error_input);
+ secure_vector<byte> sym_key = hash.final();
+ secure_vector<byte> ciphertext = m_raw_pub_op.encrypt(&message_and_error_input[0],
+ message_and_error_input.size(), rng);
+
+ return std::make_pair(ciphertext, sym_key);
+ }
+
+
+McEliece_KEM_Decryptor::McEliece_KEM_Decryptor(const McEliece_PrivateKey& mce_key) :
+ m_raw_priv_op(mce_key)
+ {
+ }
+
+secure_vector<Botan::byte> McEliece_KEM_Decryptor::decrypt(const byte msg[], size_t msg_len)
+ {
+ secure_vector<Botan::byte> message_and_error = m_raw_priv_op.decrypt(&msg[0], msg_len );
+
+ SHA_512 hash;
+ hash.update(message_and_error);
+
+ secure_vector<byte> sym_key = hash.final();
+ return sym_key;
+ }
+
+}
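Review bot: `McEliece_KEM_Decryptor::decrypt` hashes whatever `m_raw_priv_op.decrypt(&msg[0], msg_len)` returns, and nothing in this hunk checks that `msg_len` matches the ciphertext length for the key or that decoding actually succeeded. Whether the raw private operation rejects such input is not visible here; if it does not, a tampered or truncated ciphertext still yields a key, and if it throws only in some cases, the difference between an exception and a returned key becomes observable to whoever submits ciphertexts. I would state the contract next to the call, e.g. `// relies on m_raw_priv_op.decrypt() rejecting wrong-length or undecodable ciphertexts; callers must treat every failure identically`, and add an explicit length check ahead of the raw call if the operation does not already perform one. Separately, in `encrypt`, `return std::make_pair(ciphertext, sym_key);` copies both vectors and so creates an extra transient copy of the derived key; `return std::make_pair(std::move(ciphertext), std::move(sym_key));` avoids that.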
diff --git a/src/lib/pubkey/mce/mce_kem.h b/src/lib/pubkey/mce/mce_kem.h
new file mode 100644
index 000000000..4e46a0fab
--- /dev/null
+++ b/src/lib/pubkey/mce/mce_kem.h
@@ -0,0 +1,45 @@
+/**
+ * (C) 2014 cryptosource GmbH
+ * (C) 2014 Falko Strenzke [email protected]
+ *
+ * Distributed under the terms of the Botan license
+ *
+ */
+
+#ifndef BOTAN_MCE_KEM_H__
+#define BOTAN_MCE_KEM_H__
+
+#include <botan/mceliece.h>
+#include <utility>
+
+namespace Botan {
+
+class BOTAN_DLL McEliece_KEM_Encryptor
+ {
+ public:
+ McEliece_KEM_Encryptor(const McEliece_PublicKey& public_key);
+
+ /**
+ * returns the pair (mceliece ciphertext, symmetric key)
+ */
+ std::pair<secure_vector<byte>, secure_vector<byte>> encrypt(RandomNumberGenerator& rng);
+
+ private:
+ McEliece_Public_Operation m_raw_pub_op;
+ };
+
+class BOTAN_DLL McEliece_KEM_Decryptor
+ {
+ public:
+ McEliece_KEM_Decryptor(const McEliece_PrivateKey& mce_key);
+
+ /**
+ * returns the derived 512-bit symmetric key
+ */
+ secure_vector<Botan::byte> decrypt(const byte msg[], size_t msg_len);
+ private:
+ McEliece_Private_Operation m_raw_priv_op;
+ };
+}
+
+#endif /* h-guard */ |
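Review bot: Both constructors take a single argument and are not marked `explicit`, so a `McEliece_PublicKey` or `McEliece_PrivateKey` converts implicitly into a KEM object; I would declare them `explicit McEliece_KEM_Encryptor(const McEliece_PublicKey& public_key);` and `explicit McEliece_KEM_Decryptor(const McEliece_PrivateKey& mce_key);`. The doc comment on `decrypt` says only that it returns a 512-bit key; it should also describe `msg` and `msg_len` and say what the caller sees for a malformed ciphertext, which this header does not state. The comment on `encrypt` could likewise note that the second element of the pair is the same 512-bit derived key that `decrypt` returns, so callers know its length without reading the .cpp file.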