From a1c6311980a1527a8998fced71c6488b3585e2e8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Linus=20F=C3=A4rnstrand?=
Date: Thu, 4 Jul 2024 12:45:43 +0200
Subject: [PATCH] Document that it is round3 of the Kyber KEM we are using
---
 talpid-tunnel-config-client/examples/tuncfg-server.rs | 1 +
 talpid-tunnel-config-client/proto/ephemeralpeer.proto | 2 +-
 talpid-tunnel-config-client/src/kyber.rs | 3 +++
 3 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/talpid-tunnel-config-client/examples/tuncfg-server.rs b/talpid-tunnel-config-client/examples/tuncfg-server.rs
index 928587e96813..306a425ff4e4 100644
--- a/talpid-tunnel-config-client/examples/tuncfg-server.rs
+++ b/talpid-tunnel-config-client/examples/tuncfg-server.rs
@@ -51,6 +51,7 @@ impl EphemeralPeer for EphemeralPeerImpl {
 classic_mceliece_rust::encapsulate_boxed(&public_key, &mut rng);
 (ciphertext.as_array().to_vec(), *shared_secret.as_array())
 }
+ // Kyber round3
 "Kyber1024" => {
 let public_key = kem_pubkey.key_data.as_slice();
 let (ciphertext, shared_secret) =
diff --git a/talpid-tunnel-config-client/proto/ephemeralpeer.proto b/talpid-tunnel-config-client/proto/ephemeralpeer.proto
index bb49eb5598b1..d247e8bcb34b 100644
--- a/talpid-tunnel-config-client/proto/ephemeralpeer.proto
+++ b/talpid-tunnel-config-client/proto/ephemeralpeer.proto
@@ -46,7 +46,7 @@ message EphemeralPeerRequestV1 {
 // The v1 request supports exactly two algorithms.
 // The algorithms can appear soletary or in mixed order:
 // - "Classic-McEliece-460896f", but explicitly identified as "Classic-McEliece-460896f-round3"
-// - "Kyber1024"
+// - "Kyber1024", this is round3 of the Kyber KEM
 message PostQuantumRequestV1 { repeated KemPubkeyV1 kem_pubkeys = 1; }
 message KemPubkeyV1 {
diff --git a/talpid-tunnel-config-client/src/kyber.rs b/talpid-tunnel-config-client/src/kyber.rs
index 003c88dc484d..706f05604139 100644
--- a/talpid-tunnel-config-client/src/kyber.rs
+++ b/talpid-tunnel-config-client/src/kyber.rs
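Review bot: The added `// Kyber round3` comment above the `"Kyber1024"` arm in tuncfg-server.rs records the round but not what follows from it, and the same applies to the reworded `"Kyber1024"` line in ephemeralpeer.proto. Unlike `"Classic-McEliece-460896f-round3"`, the wire identifier carries no revision, so a later implementer could read `"Kyber1024"` as the standardised ML-KEM-1024, which does not interoperate with round3 Kyber. I would state that where the name is matched, e.g. `// "Kyber1024" means Kyber round3, not FIPS 203 ML-KEM-1024; any other revision needs a new algorithm name`. The arm's body continues past the end of the hunk, so how a mismatched peer fails is not visible here.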
@@ -1,3 +1,6 @@
+//! This module implements the Kyber round3 KEM as specified in:
+//! https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf
+
 use pqc_kyber::KYBER_CIPHERTEXTBYTES;
 pub use pqc_kyber::{keypair, KyberError, SecretKey};
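Review bot: The new module doc in kyber.rs says the module "implements" Kyber round3, yet the imports directly below take `keypair`, `SecretKey` and `KyberError` from the `pqc_kyber` crate, so the primitive appears to live in that dependency. Wording such as `//! Thin wrapper around the pqc_kyber crate's Kyber round3 KEM, specified in:` would show a reader auditing the post-quantum handshake where the cryptographic code actually comes from; the rest of the module is outside the hunk, so confirm it adds no primitive of its own. The specification URL is also written bare, which rustdoc's `bare_urls` lint flags; `//! <https://pq-crystals.org/kyber/data/kyber-specification-round3.pdf>` renders it as a link.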