| cmce.cpp |
|
6004 |
| cmce.h |
Classic McEliece is a Code-Based KEM. It is a round 4 candidate in NIST's PQC competition.
It is endorsed by the German Federal Office for Information Security (BSI) for its conservative security
assumptions and a corresponding draft for an ISO standard has been prepared. Both NIST and ISO parameter
sets are implemented here. See https://classic.mceliece.org/ for the specifications and other details.
Advantages of Classic McEliece:
- Conservative post-quantum security assumptions
- Very fast encapsulation
- Fast decapsulation
Disadvantages of Classic McEliece:
- Very large public keys (0.26 MB - 1.36 MB)
- Relatively slow key generation
- Algorithm is complex and hard to implement side-channel resistant
|
5320 |
| cmce_decaps.cpp |
|
6915 |
| cmce_decaps.h |
Classic McEliece Decapsulation Operation
|
3465 |
| cmce_encaps.cpp |
|
5445 |
| cmce_encaps.h |
Classic McEliece Encapsulation Operation
|
2147 |
| cmce_field_ordering.cpp |
@brief Create permutation pi as in (Section 8.2, Step 3).
@param a The vector that is sorted
@return (pi sorted after a, a sorted after pi)
|
11345 |
| cmce_field_ordering.h |
@brief Represents a field ordering for the Classic McEliece cryptosystem.
Field ordering corresponds to the permutation pi defining the alpha sequence in
the Classic McEliece specification (see Classic McEliece ISO Sec. 8.2.).
|
4129 |
| cmce_gf.cpp |
|
2342 |
| cmce_gf.h |
@brief Represents an element of the finite field GF(q) for q = 2^m.
This class implements the finite field GF(q) for q = 2^m via the irreducible
polynomial f(z) of degree m. The elements of GF(q) are represented as polynomials
of degree m-1 with coefficients in GF(2). Each element and the modulus is
represented by a uint16_t, where the i-th least significant bit corresponds to
the coefficient of z^i. For example, the element (z^3 + z^2 + 1) is represented
by the uint16_t 0b1101.
|
6695 |
| cmce_keys_internal.cpp |
@brief Try to generate a Classic McEliece keypair for a given seed.
@param[out] out_next_seed The next seed to use for key generation, if this iteration fails
@param params Classic McEliece parameters
@param seed The seed to used for this key generation iteration
@return a keypair on success, std::nullopt otherwise
|
7354 |
| cmce_keys_internal.h |
@brief Representation of a Classic McEliece public key.
This class represents a Classic McEliece public key. It is used internally by the Classic McEliece
public key class and contains the following data:
- The Classic McEliece parameters
- The public key matrix
|
7877 |
| cmce_matrix.cpp |
|
12379 |
| cmce_matrix.h |
@brief Representation of the binary Classic McEliece matrix H, with H = (I_mt | T).
Only the bytes of the submatrix T are stored.
|
4647 |
| cmce_parameter_set.cpp |
|
4025 |
| cmce_parameter_set.h |
All Classic McEliece parameter sets defined in the NIST Round 4
submission and the Classic McEliece ISO Draft.
Instances are defined in the following format:
mceliece{n}{t}{[pc]}{[f]}
Instance with 'pc' use plaintext confirmation as defined in the ISO Draft.
Instance with 'f' use matrix reduction with the semi-systematic form.
|
2432 |
| cmce_parameters.cpp |
|
9133 |
| cmce_parameters.h |
Container for all Classic McEliece parameters.
|
9714 |
| cmce_poly.cpp |
|
5760 |
| cmce_poly.h |
@brief Representation of a Classic McEliece polynomial.
This class represents a polynomial in the ring GF(q)[y]. E.g an example element of degree 2 could be:
a = (z^3+1)y^2 + (z)y + (z^4+z^3)
The degree of the polynomial is given by the size of the coefficient vector given to
the constructor, even if the leading coefficient is zero. Coefficients are stored from
lowest to highest monomial degree (coef_at(0) = (z^4+z^3) in the example above).
This class is merely a container. The modulus and the operations with Polynomials (e.g. multiplication)
is handled by the Classic_McEliece_Polynomial_Ring class.
|
6476 |
| cmce_types.h |
|
2060 |
| info.txt |
|
395 |