PQLR
Postquantum Crypto Library by QAPP
Kryzhovnik signature scheme

Typedefs

typedef struct kryzhovnik_st * kryzhovnik_t
 kryzhovnik algorithm instance handle More...
 

Enumerations

enum  kryzhovnik_parameterset_t { kryzhovnik_default, kryzhovnik_last }
 Possible kryzhovnik parameters sets. More...
 

Functions

PQLR_API kryzhovnik_t kryzhovnik_new (kryzhovnik_parameterset_t parameterset)
 Creates new kryzhovnik instance with selected parameter set. More...
 
PQLR_API void kryzhovnik_free (kryzhovnik_t kryzhovnik)
 Frees kryzhovnik instance and all corresponding resources. More...
 
PQLR_API kryzhovnik_t kryzhovnik_duplicate (const kryzhovnik_t kryzhovnik)
 Duplicates context of kryzhovnik instance. More...
 
PQLR_API pqlr_t kryzhovnik_to_pqlr (kryzhovnik_t kryzhovnik)
 Casts kryzhovnik instance to pqlr instance. More...
 
PQLR_API size_t kryzhovnik_get_public_key_bytes_len (const kryzhovnik_t kryzhovnik)
 Obtains public key buffer length in bytes for current kryzhovnik instance. More...
 
PQLR_API size_t kryzhovnik_get_secret_key_bytes_len (const kryzhovnik_t kryzhovnik)
 Obtains secret key buffer length in bytes for current kryzhovnik instance. More...
 
PQLR_API size_t kryzhovnik_get_signature_bytes_len (kryzhovnik_t kryzhovnik)
 Obtains signature buffer length in bytes for current kryzhovnik instance. More...
 
PQLR_API void kryzhovnik_generate_keys (const kryzhovnik_t kryzhovnik, uint8_t *result_sk, uint8_t *result_pk)
 Generates random secret key and public key for given context. More...
 
PQLR_API void kryzhovnik_sign (const kryzhovnik_t kryzhovnik, const uint8_t *sk, const uint8_t *msg, size_t msg_len, uint8_t *result_sig, size_t *result_sig_len)
 Generates signature for given message according to context and secret key. More...
 
PQLR_API int kryzhovnik_verify (const kryzhovnik_t kryzhovnik, const uint8_t *pk, const uint8_t *sig, size_t sig_len, const uint8_t *msg, size_t msg_len)
 Verifies that given signature is the signature of given message. More...
 

Detailed Description

This module provides Kryzhovnik algorithm implementation, whose security is based on the hardness of finding short vectors in lattices.

General usage

At first, initialize algorithm's instance with parameters you want with kryzhovnik_new(). After that, you can generate secret and public keys using kryzhovnik_generate_keys, or sign your message with kryzhovnik_sign, or verify message wasn't changed with kryzhovnik_verify. You are able to interact with this algorithm likewise pqlr_t instance (change error handler, source of entropy input, e.t.c) via kryzhovnik_to_pqlr() call.

After there are no more need in signature scheme it's resources must be made free by kryzhovnik_free.

In order to use any Kryzhovnik signature scheme functions, add the following include:

Example code is listed below:

#include <stdlib.h>
void use_new(void)
{
// free resources
kryzhovnik_free(kryzhovnik);
}
void use_generate_keys(void)
{
const size_t sk_len = kryzhovnik_get_secret_key_bytes_len(kryzhovnik);
const size_t pk_len = kryzhovnik_get_public_key_bytes_len(kryzhovnik);
uint8_t* sk = (uint8_t*)calloc(sk_len, sizeof(uint8_t));
uint8_t* pk = (uint8_t*)calloc(pk_len, sizeof(uint8_t));
kryzhovnik_generate_keys(kryzhovnik, sk, pk);
// free resources
free(pk);
free(sk);
kryzhovnik_free(kryzhovnik);
}
void use_sign(void)
{
const size_t sk_len = kryzhovnik_get_secret_key_bytes_len(kryzhovnik);
const size_t pk_len = kryzhovnik_get_public_key_bytes_len(kryzhovnik);
// get secret key from somewhere
uint8_t* sk = (uint8_t*)calloc(sk_len, sizeof(uint8_t));
uint8_t* pk = (uint8_t*)calloc(pk_len, sizeof(uint8_t));
size_t sig_len = kryzhovnik_get_signature_bytes_len(kryzhovnik);
uint8_t* sig = (uint8_t*)calloc(sig_len, sizeof(uint8_t));
unsigned char msg[] = "test";
kryzhovnik_sign(kryzhovnik, sk, msg, sizeof(msg), sig, &sig_len);
// free resources
free(sig);
free(pk);
free(sk);
kryzhovnik_free(kryzhovnik);
}
void use_verify(void)
{
const size_t pk_len = kryzhovnik_get_public_key_bytes_len(kryzhovnik);
const size_t sig_len = kryzhovnik_get_signature_bytes_len(kryzhovnik);
// get public key and signature from somewhere
uint8_t* pk = (uint8_t*)calloc(pk_len, sizeof(uint8_t));
uint8_t* sig = (uint8_t*)calloc(sig_len, sizeof(uint8_t));
unsigned char msg[] = "test";
int res = kryzhovnik_verify(kryzhovnik, pk, sig, sig_len, msg, sizeof(msg));
// free resources
free(sig);
free(pk);
kryzhovnik_free(kryzhovnik);
}
int main(void)
{
use_new();
use_generate_keys();
use_sign();
use_verify();
}

Typedef Documentation

◆ kryzhovnik_t

typedef struct kryzhovnik_st* kryzhovnik_t

kryzhovnik algorithm instance handle

Note
It could be casted to pqlr_t instance linked to this handle
See also
kryzhovnik_to_pqlr

Enumeration Type Documentation

◆ kryzhovnik_parameterset_t

Possible kryzhovnik parameters sets.

Enumerator
kryzhovnik_default 
kryzhovnik_last 

Function Documentation

◆ kryzhovnik_duplicate()

PQLR_API kryzhovnik_t kryzhovnik_duplicate ( const kryzhovnik_t  kryzhovnik)

Duplicates context of kryzhovnik instance.

Parameters
kryzhovnikinstance to duplicate
Returns
new instance with a duplicated context

◆ kryzhovnik_free()

PQLR_API void kryzhovnik_free ( kryzhovnik_t  kryzhovnik)

Frees kryzhovnik instance and all corresponding resources.

Parameters
[in]kryzhovnikinstance to free
See also
kryzhovnik_t
kryzhovnik_new

◆ kryzhovnik_generate_keys()

PQLR_API void kryzhovnik_generate_keys ( const kryzhovnik_t  kryzhovnik,
uint8_t *  result_sk,
uint8_t *  result_pk 
)

Generates random secret key and public key for given context.

Usage:

const size_t sk_len = kryzhovnik_get_secret_key_bytes_len(kryzhovnik);
const size_t pk_len = kryzhovnik_get_public_key_bytes_len(kryzhovnik);
uint8_t* sk = (uint8_t*)calloc(sk_len, sizeof(uint8_t));
uint8_t* pk = (uint8_t*)calloc(pk_len, sizeof(uint8_t));
kryzhovnik_generate_keys(kryzhovnik, sk, pk);
Parameters
[in]kryzhovnikInstance of kryzhovnik created with kryzhovnik_new(). If NULL, the fatal error occurs.
[out]result_skContiguous array to receive secret key, of size kryzhovnik_get_secret_key_bytes_len. If NULL, the fatal error occurs.
[out]result_pkContiguous array to receive public key, of size kryzhovnik_get_public_key_bytes_len. If NULL, the fatal error occurs.
See also
kryzhovnik_new
kryzhovnik_get_secret_key_bytes_len
kryzhovnik_get_public_key_bytes_len

◆ kryzhovnik_get_public_key_bytes_len()

PQLR_API size_t kryzhovnik_get_public_key_bytes_len ( const kryzhovnik_t  kryzhovnik)

Obtains public key buffer length in bytes for current kryzhovnik instance.

Parameters
[in]kryzhovnikinitialized kryzhovnik instance
See also
kryzhovnik_t
kryzhovnik_new
Returns
public key buffer length in bytes

◆ kryzhovnik_get_secret_key_bytes_len()

PQLR_API size_t kryzhovnik_get_secret_key_bytes_len ( const kryzhovnik_t  kryzhovnik)

Obtains secret key buffer length in bytes for current kryzhovnik instance.

Parameters
[in]kryzhovnikinitialized kryzhovnik instance
See also
kryzhovnik_t
kryzhovnik_new
Returns
secret key buffer length in bytes

◆ kryzhovnik_get_signature_bytes_len()

PQLR_API size_t kryzhovnik_get_signature_bytes_len ( kryzhovnik_t  kryzhovnik)

Obtains signature buffer length in bytes for current kryzhovnik instance.

Parameters
[in]kryzhovnikinitialized kryzhovnik instance
See also
kryzhovnik_t
kryzhovnik_new
Returns
signature buffer length in bytes

◆ kryzhovnik_new()

PQLR_API kryzhovnik_t kryzhovnik_new ( kryzhovnik_parameterset_t  parameterset)

Creates new kryzhovnik instance with selected parameter set.

Usage:

Parameters
[in]parametersetavailable set of parameters for kryzhovnik algorithm
Returns
initialized kryzhovnik instance or NULL if out of memory

◆ kryzhovnik_sign()

PQLR_API void kryzhovnik_sign ( const kryzhovnik_t  kryzhovnik,
const uint8_t *  sk,
const uint8_t *  msg,
size_t  msg_len,
uint8_t *  result_sig,
size_t *  result_sig_len 
)

Generates signature for given message according to context and secret key.

Usage:

const size_t sk_len = kryzhovnik_get_secret_key_bytes_len(kryzhovnik);
const size_t pk_len = kryzhovnik_get_public_key_bytes_len(kryzhovnik);
// get secret key from somewhere
uint8_t* sk = (uint8_t*)calloc(sk_len, sizeof(uint8_t));
uint8_t* pk = (uint8_t*)calloc(pk_len, sizeof(uint8_t));
size_t sig_len = kryzhovnik_get_signature_bytes_len(kryzhovnik);
uint8_t* sig = (uint8_t*)calloc(sig_len, sizeof(uint8_t));
unsigned char msg[] = "test";
kryzhovnik_sign(kryzhovnik, sk, msg, sizeof(msg), sig, &sig_len);
Note
In contrast to the most of other signature schemes, this function requires public key to be passed as an argument.
Parameters
[in]kryzhovnikInstance of kryzhovnik created with kryzhovnik_new(). If NULL, the fatal error occurs.
[in]skSecret key, the contiguous array of size kryzhovnik_get_secret_key_bytes_len. If NULL, the fatal error occurs.
[in]msgMessage to generate signature of, the contiguous array. If NULL, the fatal error occurs.
[in]msg_lenThe length of a message in bytes. If 0, the fatal error occurs.
[out]result_sigContiguous array to receive signature, of size kryzhovnik_get_signature_bytes_len. If NULL, the fatal error occurs.
[out]result_sig_lenThe length of a signature in bytes. If NULL, the fatal error occurs.
See also
kryzhovnik_get_secret_key_bytes_len
kryzhovnik_get_signature_bytes_len

◆ kryzhovnik_to_pqlr()

PQLR_API pqlr_t kryzhovnik_to_pqlr ( kryzhovnik_t  kryzhovnik)

Casts kryzhovnik instance to pqlr instance.

Parameters
[in]kryzhovnikinitialized kryzhovnik instance
Note
this pqlr instance will be released by kryzhovnik_free
See also
kryzhovnik_t
pqlr_t
kryzhovnik_free
Returns
operable pqlr instance or NULL if kryzhovnik is NULL

◆ kryzhovnik_verify()

PQLR_API int kryzhovnik_verify ( const kryzhovnik_t  kryzhovnik,
const uint8_t *  pk,
const uint8_t *  sig,
size_t  sig_len,
const uint8_t *  msg,
size_t  msg_len 
)

Verifies that given signature is the signature of given message.

Usage:

const size_t pk_len = kryzhovnik_get_public_key_bytes_len(kryzhovnik);
const size_t sig_len = kryzhovnik_get_signature_bytes_len(kryzhovnik);
// get public key and signature from somewhere
uint8_t* pk = (uint8_t*)calloc(pk_len, sizeof(uint8_t));
uint8_t* sig = (uint8_t*)calloc(sig_len, sizeof(uint8_t));
unsigned char msg[] = "test";
int res = kryzhovnik_verify(kryzhovnik, pk, sig, sig_len, msg, sizeof(msg));
Parameters
[in]kryzhovnikContext, initialized with kryzhovnik_new(). If NULL, the fatal error occurs.
[in]pkPublic key, the contiguous array of size kryzhovnik_get_public_key_bytes_len. If NULL, the fatal error occurs.
[in]sigSignature, the contiguous array of size `kryzhovnik_get_signature_bytes_len'. If NULL, the fatal error occurs.
[in]sig_lenThe length of a signature in bytes.
[in]msgMessage to verify signature of, the contiguous array. If NULL, the fatal error occurs.
[in]msg_lenThe length of a message in bytes. If 0, the fatal error occurs.
Returns
0 if given signature is the signature of given message, otherwise non-zero value.
See also
kryzhovnik_get_signature_bytes_len
kryzhovnik_get_public_key_bytes_len