path: root/src/lib/pubkey/newhope
Commit message | Author | Age | Files | Lines
* Add SHAKE-128 as stream cipher | Jack Lloyd | 2016-10-19 | 3 | -105/+91
  Updates NewHope to use that instead of the hard-coded SHAKE-128, and adds toggle for BoringSSL compat mode using AES-128/CTR + SHA-256.
* Add proper SHA-3 | Jack Lloyd | 2016-10-19 | 3 | -24/+11
  Kind of a copy and paste of Keccak, but only a single copy of the permutation at least. Keccak depends on SHA-3 instead of the reverse, so that SHA-3 can be enabled without also bringing in an unapproved hash function. Updates newhope code and removes API function newhope_hash which was an unofficial SHA-3-256.
* Fix tests on things that are not little endian | Jack Lloyd | 2016-08-30 | 1 | -12/+6
* Avoid requiring alignment (think this was just for the AVX2 version) | Jack Lloyd | 2016-08-30 | 2 | -37/+35
  Change to standard int types
* Fix header guard, macro tidy | Jack Lloyd | 2016-08-30 | 2 | -5/+7
* Add NEWHOPE KEM scheme | Jack Lloyd | 2016-08-30 | 3 | -0/+658
  Provides conjectured 200-bit security against a quantum attacker. Based on the public domain reference implementation at https://github.com/tpoeppelmann/newhope and bit-for-bit compatible with that version. Test vectors generated by the reference testvector.c