Kryzhovnik signature scheme

Typedefs
typedef struct kryzhovnik_st *	kryzhovnik_t
	kryzhovnik algorithm instance handle More...

Enumerations
enum	kryzhovnik_parameterset_t { kryzhovnik_default , kryzhovnik_last }
	Possible kryzhovnik parameters sets. More...

Functions
PQLR_API kryzhovnik_t	kryzhovnik_new (kryzhovnik_parameterset_t parameterset)
	Creates new kryzhovnik instance with selected parameter set. More...
PQLR_API void	kryzhovnik_free (kryzhovnik_t kryzhovnik)
	Frees kryzhovnik instance and all corresponding resources. More...
PQLR_API kryzhovnik_t	kryzhovnik_duplicate (const kryzhovnik_t kryzhovnik)
	Duplicates context of kryzhovnik instance. More...
PQLR_API pqlr_t	kryzhovnik_to_pqlr (kryzhovnik_t kryzhovnik)
	Gets pqlr instance linked to this kryzhovnik instance. More...
PQLR_API size_t	kryzhovnik_get_public_key_bytes_len (const kryzhovnik_t kryzhovnik)
	Obtains public key buffer length in bytes for current kryzhovnik instance. More...
PQLR_API size_t	kryzhovnik_get_secret_key_bytes_len (const kryzhovnik_t kryzhovnik)
	Obtains secret key buffer length in bytes for current kryzhovnik instance. More...
PQLR_API size_t	kryzhovnik_get_signature_bytes_len (kryzhovnik_t kryzhovnik)
	Obtains signature buffer length in bytes for current kryzhovnik instance. More...
PQLR_API void	kryzhovnik_generate_keys (const kryzhovnik_t kryzhovnik, uint8_t *result_sk, uint8_t *result_pk)
	Generates random secret key and public key for given context. More...
PQLR_API void	kryzhovnik_sign (const kryzhovnik_t kryzhovnik, const uint8_t *sk, const uint8_t *msg, size_t msg_len, uint8_t *result_sig, size_t *result_sig_len)
	Generates signature for given message according to context and secret key. More...
PQLR_API int	kryzhovnik_verify (const kryzhovnik_t kryzhovnik, const uint8_t *pk, const uint8_t *sig, size_t sig_len, const uint8_t *msg, size_t msg_len)
	Verifies that given signature is the signature of given message. More...

Detailed Description

This module provides Kryzhovnik algorithm implementation, whose security is based on the hardness of finding short vectors in lattices.

General usage

At first, initialize algorithm's instance with parameters you want with kryzhovnik_new(). After that, you can generate secret and public keys using kryzhovnik_generate_keys, then sign your message with kryzhovnik_sign, or verify message wasn't changed with kryzhovnik_verify. You are able to interact with this algorithm likewise pqlr_t instance (change error handler, source of entropy input, e.t.c) via kryzhovnik_to_pqlr() call.

After the signature scheme is no more needed it's resources must freed by kryzhovnik_free.

In order to use any Kryzhovnik signature scheme functions, add the following include:

#include <pqlr/kryzhovnik/kryzhovnik.h>

Example code is listed below:

#include <pqlr/kryzhovnik/kryzhovnik.h>
 
#include <stdlib.h>
 
void use_new(void)
{
    kryzhovnik_t kryzhovnik = kryzhovnik_new(kryzhovnik_default);
 
    // free resources
    kryzhovnik_free(kryzhovnik);
}
 
 
void use_generate_keys(void)
{
    kryzhovnik_t kryzhovnik = kryzhovnik_new(kryzhovnik_default);
    const size_t sk_len = kryzhovnik_get_secret_key_bytes_len(kryzhovnik);
    const size_t pk_len = kryzhovnik_get_public_key_bytes_len(kryzhovnik);
    uint8_t* sk = (uint8_t*)calloc(sk_len, sizeof(uint8_t));
    uint8_t* pk = (uint8_t*)calloc(pk_len, sizeof(uint8_t));
    kryzhovnik_generate_keys(kryzhovnik, sk, pk);
 
    // free resources
    free(pk);
    free(sk);
    kryzhovnik_free(kryzhovnik);
}
 
 
void use_sign(void)
{
    kryzhovnik_t kryzhovnik = kryzhovnik_new(kryzhovnik_default);
    const size_t sk_len = kryzhovnik_get_secret_key_bytes_len(kryzhovnik);
    const size_t pk_len = kryzhovnik_get_public_key_bytes_len(kryzhovnik);
    // get secret key from somewhere
    uint8_t* sk = (uint8_t*)calloc(sk_len, sizeof(uint8_t));
    uint8_t* pk = (uint8_t*)calloc(pk_len, sizeof(uint8_t));
    size_t sig_len = kryzhovnik_get_signature_bytes_len(kryzhovnik);
    uint8_t* sig = (uint8_t*)calloc(sig_len, sizeof(uint8_t));
    unsigned char msg[] = "test";
    kryzhovnik_sign(kryzhovnik, sk, msg, sizeof(msg), sig, &sig_len);
 
    // free resources
    free(sig);
    free(pk);
    free(sk);
    kryzhovnik_free(kryzhovnik);
}
 
 
void use_verify(void)
{
    kryzhovnik_t kryzhovnik = kryzhovnik_new(kryzhovnik_default);
    const size_t pk_len = kryzhovnik_get_public_key_bytes_len(kryzhovnik);
    const size_t sig_len = kryzhovnik_get_signature_bytes_len(kryzhovnik);
    // get public key and signature from somewhere
    uint8_t* pk = (uint8_t*)calloc(pk_len, sizeof(uint8_t));
    uint8_t* sig = (uint8_t*)calloc(sig_len, sizeof(uint8_t));
    unsigned char msg[] = "test";
    int res = kryzhovnik_verify(kryzhovnik, pk, sig, sig_len, msg, sizeof(msg));
 
    // free resources
    free(sig);
    free(pk);
    kryzhovnik_free(kryzhovnik);
}
 
 
int main(void)
{
    use_new();
    use_generate_keys();
    use_sign();
    use_verify();
}

Typedef Documentation

kryzhovnik_t

typedef struct kryzhovnik_st* kryzhovnik_t

kryzhovnik algorithm instance handle

Note

pqlr_t instance linked to this handle can be obtained

See also

kryzhovnik_to_pqlr

Enumeration Type Documentation

kryzhovnik_parameterset_t

enum kryzhovnik_parameterset_t

Possible kryzhovnik parameters sets.

Enumerator
kryzhovnik_default
kryzhovnik_last

Function Documentation

kryzhovnik_duplicate()

PQLR_API kryzhovnik_t kryzhovnik_duplicate

(

const kryzhovnik_t

kryzhovnik

)

Duplicates context of kryzhovnik instance.

Parameters

kryzhovnik

instance to duplicate

Returns

new instance with a duplicated context

kryzhovnik_free()

PQLR_API void kryzhovnik_free

(

kryzhovnik_t

kryzhovnik

)

Frees kryzhovnik instance and all corresponding resources.

Parameters

[in]

kryzhovnik

instance to free

See also

kryzhovnik_t

kryzhovnik_new

kryzhovnik_generate_keys()

PQLR_API void kryzhovnik_generate_keys	(	const kryzhovnik_t	kryzhovnik,
		uint8_t *	result_sk,
		uint8_t *	result_pk
	)

Generates random secret key and public key for given context.

Usage:

    kryzhovnik_t kryzhovnik = kryzhovnik_new(kryzhovnik_default);
    const size_t sk_len = kryzhovnik_get_secret_key_bytes_len(kryzhovnik);
    const size_t pk_len = kryzhovnik_get_public_key_bytes_len(kryzhovnik);
    uint8_t* sk = (uint8_t*)calloc(sk_len, sizeof(uint8_t));
    uint8_t* pk = (uint8_t*)calloc(pk_len, sizeof(uint8_t));
    kryzhovnik_generate_keys(kryzhovnik, sk, pk);

Parameters

[in]	kryzhovnik	Instance of kryzhovnik created with kryzhovnik_new(). If NULL, the fatal error occurs.
[out]	result_sk	Contiguous array to receive secret key, of size kryzhovnik_get_secret_key_bytes_len. If NULL, the fatal error occurs.
[out]	result_pk	Contiguous array to receive public key, of size kryzhovnik_get_public_key_bytes_len. If NULL, the fatal error occurs.

See also

kryzhovnik_new

kryzhovnik_get_secret_key_bytes_len

kryzhovnik_get_public_key_bytes_len

kryzhovnik_get_public_key_bytes_len()

PQLR_API size_t kryzhovnik_get_public_key_bytes_len

(

const kryzhovnik_t

kryzhovnik

)

Obtains public key buffer length in bytes for current kryzhovnik instance.

Parameters

[in]

kryzhovnik

initialized kryzhovnik instance

See also

kryzhovnik_t

kryzhovnik_new

Returns

public key buffer length in bytes

kryzhovnik_get_secret_key_bytes_len()

PQLR_API size_t kryzhovnik_get_secret_key_bytes_len

(

const kryzhovnik_t

kryzhovnik

)

Obtains secret key buffer length in bytes for current kryzhovnik instance.

Parameters

[in]

kryzhovnik

initialized kryzhovnik instance

See also

kryzhovnik_t

kryzhovnik_new

Returns

secret key buffer length in bytes

kryzhovnik_get_signature_bytes_len()

PQLR_API size_t kryzhovnik_get_signature_bytes_len

(

kryzhovnik_t

kryzhovnik

)

Obtains signature buffer length in bytes for current kryzhovnik instance.

Parameters

[in]

kryzhovnik

initialized kryzhovnik instance

See also

kryzhovnik_t

kryzhovnik_new

Returns

signature buffer length in bytes

kryzhovnik_new()

PQLR_API kryzhovnik_t kryzhovnik_new

(

kryzhovnik_parameterset_t

parameterset

)

Creates new kryzhovnik instance with selected parameter set.

Usage:

    kryzhovnik_t kryzhovnik = kryzhovnik_new(kryzhovnik_default);

Parameters

[in]

parameterset

available set of parameters for kryzhovnik algorithm

Returns

initialized kryzhovnik instance or NULL if out of memory

kryzhovnik_sign()

PQLR_API void kryzhovnik_sign	(	const kryzhovnik_t	kryzhovnik,
		const uint8_t *	sk,
		const uint8_t *	msg,
		size_t	msg_len,
		uint8_t *	result_sig,
		size_t *	result_sig_len
	)

Generates signature for given message according to context and secret key.

Usage:

    kryzhovnik_t kryzhovnik = kryzhovnik_new(kryzhovnik_default);
    const size_t sk_len = kryzhovnik_get_secret_key_bytes_len(kryzhovnik);
    const size_t pk_len = kryzhovnik_get_public_key_bytes_len(kryzhovnik);
    // get secret key from somewhere
    uint8_t* sk = (uint8_t*)calloc(sk_len, sizeof(uint8_t));
    uint8_t* pk = (uint8_t*)calloc(pk_len, sizeof(uint8_t));
    size_t sig_len = kryzhovnik_get_signature_bytes_len(kryzhovnik);
    uint8_t* sig = (uint8_t*)calloc(sig_len, sizeof(uint8_t));
    unsigned char msg[] = "test";
    kryzhovnik_sign(kryzhovnik, sk, msg, sizeof(msg), sig, &sig_len);

Note

In contrast to the most of other signature schemes, this function requires public key to be passed as an argument.

Parameters

[in]	kryzhovnik	Instance of kryzhovnik created with kryzhovnik_new(). If NULL, the fatal error occurs.
[in]	sk	Secret key, the contiguous array of size kryzhovnik_get_secret_key_bytes_len. If NULL, the fatal error occurs.
[in]	msg	Message to generate signature of, the contiguous array. If NULL, the fatal error occurs.
[in]	msg_len	The length of a message in bytes. If 0, the fatal error occurs.
[out]	result_sig	Contiguous array to receive signature, of size kryzhovnik_get_signature_bytes_len. If NULL, the fatal error occurs.
[out]	result_sig_len	The length of a signature in bytes. If NULL, the fatal error occurs.

See also

kryzhovnik_get_secret_key_bytes_len

kryzhovnik_get_signature_bytes_len

kryzhovnik_to_pqlr()

PQLR_API pqlr_t kryzhovnik_to_pqlr

(

kryzhovnik_t

kryzhovnik

)

Gets pqlr instance linked to this kryzhovnik instance.

Parameters

[in]

kryzhovnik

initialized kryzhovnik instance

Note

this call leaves kryzhovnik instance intact
the returned pqlr instance will be released on call to kryzhovnik_free()

See also

kryzhovnik_t

pqlr_t

kryzhovnik_free

Returns

operable pqlr instance or NULL if kryzhovnik is NULL

kryzhovnik_verify()

PQLR_API int kryzhovnik_verify	(	const kryzhovnik_t	kryzhovnik,
		const uint8_t *	pk,
		const uint8_t *	sig,
		size_t	sig_len,
		const uint8_t *	msg,
		size_t	msg_len
	)

Verifies that given signature is the signature of given message.

Usage:

    kryzhovnik_t kryzhovnik = kryzhovnik_new(kryzhovnik_default);
    const size_t pk_len = kryzhovnik_get_public_key_bytes_len(kryzhovnik);
    const size_t sig_len = kryzhovnik_get_signature_bytes_len(kryzhovnik);
    // get public key and signature from somewhere
    uint8_t* pk = (uint8_t*)calloc(pk_len, sizeof(uint8_t));
    uint8_t* sig = (uint8_t*)calloc(sig_len, sizeof(uint8_t));
    unsigned char msg[] = "test";
    int res = kryzhovnik_verify(kryzhovnik, pk, sig, sig_len, msg, sizeof(msg));

Parameters

[in]	kryzhovnik	Context, initialized with kryzhovnik_new(). If NULL, the fatal error occurs.
[in]	pk	Public key, the contiguous array of size kryzhovnik_get_public_key_bytes_len. If NULL, the fatal error occurs.
[in]	sig	Signature, the contiguous array of size ‘kryzhovnik_get_signature_bytes_len’. If NULL, the fatal error occurs.
[in]	sig_len	The length of a signature in bytes.
[in]	msg	Message to verify signature of, the contiguous array. If NULL, the fatal error occurs.
[in]	msg_len	The length of a message in bytes. If 0, the fatal error occurs.

Returns

0 if given signature is the signature of given message, otherwise non-zero value.

See also

kryzhovnik_get_signature_bytes_len

kryzhovnik_get_public_key_bytes_len