Merge pull request #62 from drcapybara/feat/ml-kem-encryptions

feat: ML-KEM initial support
Dustin-Ray · Jun 28, 2024 · 013808e · 013808e
2 parents 4befdd8 + 98bfd59
commit 013808e
Show file tree

Hide file tree

Showing 23 changed files with 1,544 additions and 1,540 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,10 +1,10 @@
 [package]
 name = "capycrypt"
-version = "0.6.5"
+version = "0.7.0"
 edition = "2021"
 
 license = "MIT"
-keywords = ["aes", "sha3", "elliptic-curve", "ed448", "schnorr"]
+keywords = ["aes", "sha3", "elliptic-curve", "ed448", "mlkem"]
 readme = "README.md"
 authors = ["Dustin Ray (Dr. Capybara) <[email protected]>", "Hunter Richardson (HLRichardson-Git) <[email protected]>"]
 description = "An academic exercise in cryptographic algorithm design, pairing NIST FIPS 202 with a variety of Edwards curves."
@@ -19,16 +19,15 @@ byteorder = {version = "1.4.3"}
 chrono = {version = "0.4.23"}
 criterion = "0.3"
 crypto-bigint = {version = "0.5.3", features = ["serde", "alloc"]}
-fiat-crypto = "0.2.2"
 rand = "0.8"
-num-bigint = { version = "0.4", features = ["rand"] }
 tiny_ed448_goldilocks = { version = "0.1.8"}
 aes = "0.8.3"
 rayon = "1.5"
 structopt = "0.3"
 serde = { version = "1.0", features = ["alloc", "derive"] }
 serde_json = "1.0"
 tempfile = "3.2"
+capy_kem = "0.1.7"
 
 [[bench]]
 name = "benchmark_sha3"

diff --git a/benches/benchmark_aes.rs b/benches/benchmark_aes.rs
@@ -1,6 +1,7 @@
 use capycrypt::aes::aes_functions::{apply_pcks7_padding, remove_pcks7_padding};
+use capycrypt::aes::encryptable::AesEncryptable;
 use capycrypt::sha3::aux_functions::byte_utils::get_random_bytes;
-use capycrypt::{AesEncryptable, Message};
+use capycrypt::Message;
 use criterion::{black_box, criterion_group, criterion_main, Criterion};
 use rand::{distributions::Alphanumeric, Rng};
 
@@ -77,23 +78,23 @@ fn sym_enc_rust_aes(key: &[u8], data: &[u8]) -> Vec<u8> {
 }
 
 /// Symmetric encrypt and decrypt roundtrip
-fn sym_cbc_enc(key: &mut Vec<u8>, data: &[u8]) {
+fn sym_cbc_enc(key: &[u8], data: &[u8]) {
     let mut msg = Message::new(data.to_owned());
-    let _ = msg.aes_encrypt_cbc(&key);
-    let _ = msg.aes_decrypt_cbc(&key);
+    let _ = msg.aes_encrypt_cbc(key);
+    let _ = msg.aes_decrypt_cbc(key);
 }
 
 /// Symmetric encrypt and decrypt roundtrip for AES in CTR mode
-fn sym_ctr_enc(key: &mut Vec<u8>, data: &[u8]) {
+fn sym_ctr_enc(key: &[u8], data: &[u8]) {
     let mut msg = Message::new(data.to_owned());
-    let _ = msg.aes_encrypt_ctr(&key);
-    let _ = msg.aes_decrypt_ctr(&key);
+    let _ = msg.aes_encrypt_ctr(key);
+    let _ = msg.aes_decrypt_ctr(key);
 }
 
 // Benchmark AES encryption and decryption roundtrip
 fn bench_aes_cbc_enc(c: &mut Criterion) {
     let data = generate_random_data(5 * 1024 * 1024);
-    let mut key = get_random_bytes(32); // Generate key if needed
+    let key = get_random_bytes(32); // Generate key if needed
 
     c.bench_function("Rust AES-256-CBC Encrypt + Decrypt Roundtrip", |b| {
         b.iter(|| {
@@ -103,19 +104,19 @@ fn bench_aes_cbc_enc(c: &mut Criterion) {
 
     c.bench_function("capyCRYPT AES-256-CBC Encrypt + Decrypt Roundtrip", |b| {
         b.iter(|| {
-            sym_cbc_enc(&mut key, black_box(&data));
+            sym_cbc_enc(&key, black_box(&data));
         });
     });
 }
 
 // Benchmark AES encryption and decryption roundtrip
 fn bench_aes_ctr_enc(c: &mut Criterion) {
     let data = generate_random_data(5 * 1024 * 1024);
-    let mut key = get_random_bytes(32); // Generate key if needed
+    let key = get_random_bytes(32); // Generate key if needed
 
     c.bench_function("capyCRYPT AES-256-CTR Encrypt + Decrypt Roundtrip", |b| {
         b.iter(|| {
-            sym_ctr_enc(&mut key, black_box(&data));
+            sym_ctr_enc(&key, black_box(&data));
         });
     });
 }

diff --git a/benches/benchmark_e448_224.rs b/benches/benchmark_e448_224.rs
@@ -1,26 +1,30 @@
+use capycrypt::ecc::encryptable::KeyEncryptable;
+use capycrypt::ecc::keypair::KeyPair;
+use capycrypt::ecc::signable::Signable;
 use capycrypt::sha3::aux_functions::byte_utils::get_random_bytes;
+use capycrypt::sha3::encryptable::SpongeEncryptable;
 use capycrypt::SecParam::D224;
-use capycrypt::{KeyEncryptable, KeyPair, Message, SecParam, Signable, SpongeEncryptable};
+use capycrypt::{Message, SecParam};
 use criterion::{criterion_group, criterion_main, Criterion};
 
 const BIT_SECURITY: SecParam = D224;
 
 /// Symmetric encrypt and decrypt roundtrip
-fn sym_enc(pw: &mut Vec<u8>, mut msg: Message) {
-    let _ = msg.sha3_encrypt(&pw, &BIT_SECURITY);
-    let _ = msg.sha3_decrypt(&pw);
+fn sym_enc(pw: &[u8], mut msg: Message) {
+    let _ = msg.sha3_encrypt(pw, &BIT_SECURITY);
+    let _ = msg.sha3_decrypt(pw);
 }
 
 /// Asymmetric encrypt and decrypt roundtrip + keygen
-fn key_gen_enc_dec(pw: &mut Vec<u8>, mut msg: Message) {
+fn key_gen_enc_dec(pw: &[u8], mut msg: Message) {
     let key_pair = KeyPair::new(pw, "test key".to_string(), &BIT_SECURITY).unwrap();
     let _ = msg.key_encrypt(&key_pair.pub_key, &BIT_SECURITY);
     let _ = msg.key_decrypt(&key_pair.priv_key);
 }
 
 /// Signature generation + verification roundtrip
-pub fn sign_verify(mut key_pair: KeyPair, mut msg: Message) {
-    let _ = msg.sign(&mut key_pair, &BIT_SECURITY);
+pub fn sign_verify(key_pair: KeyPair, mut msg: Message) {
+    let _ = msg.sign(&key_pair, &BIT_SECURITY);
     let _ = msg.verify(&key_pair.pub_key);
 }
 
@@ -39,7 +43,7 @@ fn bench_sym_enc(c: &mut Criterion) {
     c.bench_function("SHA3-224 Symmetric enc + dec", |b| {
         b.iter(|| {
             sym_enc(
-                &mut get_random_bytes(64),
+                &get_random_bytes(64),
                 Message::new(get_random_bytes(5242880)),
             )
         });
@@ -50,7 +54,7 @@ fn bench_key_gen_enc_dec(c: &mut Criterion) {
     c.bench_function("e448 + SHA3-224 Asymmetric enc + dec", |b| {
         b.iter(|| {
             key_gen_enc_dec(
-                &mut KeyPair::new(&get_random_bytes(32), "test key".to_string(), &BIT_SECURITY)
+                &KeyPair::new(&get_random_bytes(32), "test key".to_string(), &BIT_SECURITY)
                     .unwrap()
                     .priv_key,
                 Message::new(get_random_bytes(5242880)),

diff --git a/benches/benchmark_e448_512.rs b/benches/benchmark_e448_512.rs
@@ -1,26 +1,30 @@
+use capycrypt::ecc::encryptable::KeyEncryptable;
+use capycrypt::ecc::keypair::KeyPair;
+use capycrypt::ecc::signable::Signable;
 use capycrypt::sha3::aux_functions::byte_utils::get_random_bytes;
+use capycrypt::sha3::encryptable::SpongeEncryptable;
 use capycrypt::SecParam::D512;
-use capycrypt::{KeyEncryptable, KeyPair, Message, SecParam, Signable, SpongeEncryptable};
+use capycrypt::{Message, SecParam};
 use criterion::{criterion_group, criterion_main, Criterion};
 
 const BIT_SECURITY: SecParam = D512;
 
 /// Symmetric encrypt and decrypt roundtrip
-fn sym_enc(pw: &mut Vec<u8>, mut msg: Message) {
-    let _ = msg.sha3_encrypt(&pw, &BIT_SECURITY);
-    let _ = msg.sha3_decrypt(&pw);
+fn sym_enc(pw: &[u8], mut msg: Message) {
+    let _ = msg.sha3_encrypt(pw, &BIT_SECURITY);
+    let _ = msg.sha3_decrypt(pw);
 }
 
 /// Asymmetric encrypt and decrypt roundtrip + keygen
-fn key_gen_enc_dec(pw: &mut Vec<u8>, mut msg: Message) {
+fn key_gen_enc_dec(pw: &[u8], mut msg: Message) {
     let key_pair = KeyPair::new(pw, "test key".to_string(), &BIT_SECURITY).unwrap();
     let _ = msg.key_encrypt(&key_pair.pub_key, &BIT_SECURITY);
     let _ = msg.key_decrypt(&key_pair.priv_key);
 }
 
 /// Signature generation + verification roundtrip
-pub fn sign_verify(mut key_pair: KeyPair, mut msg: Message) {
-    let _ = msg.sign(&mut key_pair, &BIT_SECURITY);
+pub fn sign_verify(key_pair: KeyPair, mut msg: Message) {
+    let _ = msg.sign(&key_pair, &BIT_SECURITY);
     let _ = msg.verify(&key_pair.pub_key);
 }
 
@@ -39,7 +43,7 @@ fn bench_sym_enc(c: &mut Criterion) {
     c.bench_function("SHA3-512 Symmetric enc + dec 5mb", |b| {
         b.iter(|| {
             sym_enc(
-                &mut get_random_bytes(64),
+                &get_random_bytes(64),
                 Message::new(get_random_bytes(5242880)),
             )
         });
@@ -50,7 +54,7 @@ fn bench_key_gen_enc_dec(c: &mut Criterion) {
     c.bench_function("e448 + SHA3-512 Asymmetric enc + dec 5mb", |b| {
         b.iter(|| {
             key_gen_enc_dec(
-                &mut KeyPair::new(&get_random_bytes(32), "test key".to_string(), &BIT_SECURITY)
+                &KeyPair::new(&get_random_bytes(32), "test key".to_string(), &BIT_SECURITY)
                     .unwrap()
                     .priv_key,
                 Message::new(get_random_bytes(5242880)),

diff --git a/benches/benchmark_sha3.rs b/benches/benchmark_sha3.rs
@@ -1,4 +1,5 @@
-use capycrypt::{Hashable, Message, SecParam};
+use capycrypt::sha3::hashable::Hashable;
+use capycrypt::{Message, SecParam};
 
 use capycrypt::sha3::aux_functions::byte_utils::get_random_bytes;
 use capycrypt::SecParam::D256;
@@ -8,7 +9,7 @@ const BIT_SECURITY: SecParam = D256;
 
 /// hash 5mb of random data with 128 bits of security
 fn sha3_digest(mut msg: Message) {
-    let _ = msg.compute_hash_sha3(&BIT_SECURITY);
+    let _ = msg.compute_sha3_hash(&BIT_SECURITY);
 }
 
 fn bench_sha3_digest(c: &mut Criterion) {