rust-sike
| Crates.io | rust-sike |
| lib.rs | rust-sike |
| version | 0.2.1 |
| source | src |
| created_at | 2019-11-20 23:24:19.698981 |
| updated_at | 2022-08-09 16:06:05.612963 |
| description | Implementation of the key encapsulation mechanism (KEM) and public-key encryption (pke) schemes of the Supersingular Isogeny Key Encapsulation (SIKE) protocol |
| homepage | |
| repository | https://github.com/rust-crypto-labs/rust-sike |
| max_upload_size | |
| id | 183095 |
| size | 162,963 |
Edmond de Roffignac (Ashashin)
documentation
README
rust-sike
rust-sike is a Rust implementation of the SIKE isogeny-based key encapsulation suite (SIKE 1), a post-quantum candidate submitted to the NIST standardization process 2.
WARNING: As of July 30th 2022, SIDH (supersingular Diffie-Hellman), the underlying quantum-resistant mechanism of SIKE, has been found to be vulnerable to an efficient key recovery attacks 3 (recovery time ranging from one hour to less than a day depending on the security level on a single core). Therefore SIDH/SIKE should not be considered as secure and rust-sike should only be used for test or research purpose and under no circumstances for any production code
Why rust-sike?
The SIKE submission already comes with reference implementations, including optimised versions for different platforms. Additional implementations by Microsoft and Cloudflare are available. All these libraries are written in C, with occasional platform-specific assembly instructions, which allows them to reach maximum performance. At the time of writing these implementations match an older version of the SIKE specification.
rust-sike is concerned with providing high correctness guarantees: adherence to the SIKE specification, memory and type safety, and reproducibility across platforms. Extensive testing and documentation is desired. Performance matters but is a longer-term concern.
Status
Supported features and algorithms
- Key encapsulation mechanism (
KEM) - Public-key encryption (
PKE) - All the parameters described in the NIST submission:
p434,p503,p610, andp751. - Optimised tree-traversal strategies
The updated specification (April 17th 2019) is used as a basis for implementation.
Unsupported features and caveats
- Key compression and decompression are currently not supported (future work)
- The implementation is not guaranteed to be constant time
- The implementation is not
no_stdcompatible (for non-essential reasons)