This crypto library provides algorithm implementations which have the following properties:
A public git repository is found at github.com/smuellerDD/leancrypto.
The following source code contains the implementation of the leancrypto library.
Link | Changes |
---|---|
Introduce lc_rng.h as a common interface to the random number generators; add KMAC DRNG; add cSHAKE DRNG; add SHAKE-128; add Dilithium signature PQC schema - test vectors were generated by leancrypto, but compared with the reference implementation which calculates the same results; add Kyber KEM PQC schema - test vectors were generated by leancrypto, but compared with the reference implementation which calculates the same results; add cSHAKE AEAD cipher; KMAC-AEAD cipher: auth key is now set to 256 bits |
|
simplify Kyber code; add RNG context to HKDF; add RNG context to KMAC; add AES 128/192/256, ECB, CBC, CTR, KW; add lc_seeded_rng; add lc_aead API to provide common interface to AEAD algorithms; add KyberIES; change API to Kyber KEM: allow caller to specify size of generated key; add leancrypto.h for ease of use; add SymHMAC AEAD algorithm; add cSHAKE 128; add KMAC 128 |
|
enhancement: add ability to compile leancrypto for the Linux kernel including all tests; enhancement: make leancrypto generic such that it can be used in environments other than user space; enhancement: add compile time option small_stack which ensures that leancrypto's stack usage is always less than 2048 (also verified by the compiler warning if it is bigger); enhancement: add assembler accelerations for SHA3 (AVX2 and AVX512 are verified with NIST's ACVP service); bug fix: fix the SHA-3 C implementation on big-endian systems (one byte-swap missing); bug fix: SHAKE128 state had wrong size causing an overflow with the memset_secure in lc_hash_zero; fix: remove compile-time warnings on 32 bit systems; enhancement: SHAKE AVX2 4x implementation used by Kyber AVX2 implementation; enhancement: Kyber AVX2 support; enhancement: Dilithium AVX2 support; leancrypto tested on macOS with an M2 system; bug fix: Dilithium C on big-endian had implicit type casts leading to endianness issues; enhancement: add RPM SPEC file - successful build on OpenSUSE build service on x86_64, i586, aarch64, armv7l, armv6l, ppc64, ppc64le, riscv64; rename memset_secure to lc_memset_secure preventing any possible name space clash; enhancement: add self tests to all algorithms; bug fix: ChaCha20 on big-endian systems |
|
enhancement: add Linux kernel configuration options; enhancement: add lc_rerun_selftests API; enhancement: add AVX2 support for memcmp_secure; fix: some comments |
|
enhancement: add ARMv7 Neon assembler support for Keccak; enhancement: add but disable ARMv8 Neon assembler support for Keccak (it is slower than optimized C); enhancement: add sign/update/final Dilithium APIs; enhancement: add RISC-V assembler support for Keccak (yet disabled); enhancement: add ARMv8 assembler implementation of Kyber; enhancement: add counter KDF RNG interface; enhancement: add ARMv8 assembler and ARMv8 CE Keccak support |
|
convert to safe min/max implementations; enhancement: allow kernel modules to be compiled directly from installed user space headers; enhancement: make ARMv8 code compile on macOS; use O3 compiler optimization instead of Os - O3 is significantly faster especially for Kyber C implementation, yet both options work fine |
|
enhancement: Linux - add memfd_secret(2) support for secure memory allocation; fix: documentation of lc_kyber_keypair; enhancement: remove the rng_ctx parameter in all Kyber APIs except the key generation - internally lc_seeded_rng is used instead; enhancement: use -Wmissing-prototypes and fix reported issues; enhancement: provide standalone CBC, CTR, KW implementation; enhancement: provide AESNI implementation; enhancement: provide AES ARM CE implementation; enhancement: provide AES RISC-V 64 assembler implementation; enhancement: provide Linux kernel configuration option to enable startup health tests; fix: apply fixes such that all self tests and regression tests pass when compiled for Linux kernel; fix: properly zeroize memory when using the workspace memory; NIST CAVP certificates:
|