Skip to content

Commit

Permalink
KyberKotlin v0.4.5
Browse files Browse the repository at this point in the history 
* Zero fill sensitive data to improve security.
  • Loading branch information
@ronhombre
ronhombre committed Feb 10, 2024
1 parent 04bdb8e commit 5356baf
Show file tree
Hide file tree
Showing 6 changed files with 33 additions and 9 deletions.
8 changes: 4 additions & 4 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,9 +34,9 @@ At the 1.0.0 release, developers should be able to use this dependency if they w

| Variant | Generation | Encapsulation | Decapsulation |
|---------|-------------------------|-------------------------|-------------------------|
| 512 | 5975.0 (39% Faster) | 5643.5625 (58% Faster) | 5705.3125 (74% Faster) |
| 768 | 10271.125 (32% Faster) | 10455.9375 (44% Faster) | 10681.1875 (58% Faster) |
| 1024 | 16849.625 (26% Faster) | 17178.4375 (35% Faster) | 17501.5 (49% Faster) |
| 512 | 6218.25 (34% Faster) | 5757.8125 (55% Faster) | 5736.4375 (73% Faster) |
| 768 | 10220.375 (33% Faster) | 10442.75 (44% Faster) | 10603.75 (59% Faster) |
| 1024 | 16700.1875 (27% Faster) | 17075.6875 (36% Faster) | 17346.6875 (50% Faster) |
| ML-KEM | (in ms) | (in ms) | (in ms) |

JVM: Coretto 1.8, Count: 10000, Iterations: 5 (Average), Relative to 'standard' branch.
Expand All @@ -59,7 +59,7 @@ This master branch is faster than the standard branch due to optimizations.

```Kotlin
dependencies {
implementation("asia.hombre:kyber:0.4.4")
implementation("asia.hombre:kyber:0.4.5")
}
```

Expand Down
2 changes: 1 addition & 1 deletion build.gradle.kts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ plugins {
}

group = "asia.hombre.kyber" //The value after the last '.' is considered the maven name i.e. asia.hombre:kyber:+
version = "0.4.4"
version = "0.4.5"

val projectName = project.group.toString().split(".").last() //Grab maven name
val baseProjectName = projectName.plus("-").plus(project.version)
Expand Down
4 changes: 2 additions & 2 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,11 +39,11 @@

<groupId>asia.hombre</groupId>
<artifactId>kyber</artifactId>
<version>0.4.4</version>
<version>0.4.5</version>
<packaging>jar</packaging>

<scm>
<tag>v0.4.4</tag>
<tag>v0.4.5</tag>
<connection>scm:git:https://github.com/ronhombre/KyberKotlin.git</connection>
<url>https://github.com/ronhombre/KyberKotlin.git</url>
</scm>
Expand Down
9 changes: 9 additions & 0 deletions src/commonMain/kotlin/asia/hombre/kyber/KyberAgreement.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -98,12 +98,21 @@ class KyberAgreement(kemKeyPair: KyberKEMKeyPair) {
coefficients[i] = KyberMath.vectorToVectorAdd(coefficients[i], noiseVector[i])

constantTerm = KyberMath.vectorToVectorAdd(constantTerm, KyberMath.multiplyNTTs(nttKeyVector[i], randomnessVector[i]))

//Security Features
for(j in 0..<parameter.K) matrix[i][j].fill(0, 0, matrix[i][j].lastIndex)
noiseVector[i].fill(0, 0, noiseVector[i].lastIndex)
nttKeyVector[i].fill(0, 0, nttKeyVector[i].lastIndex)
randomnessVector[i].fill(0, 0, randomnessVector[i].lastIndex)
}

constantTerm = KyberMath.invNTT(constantTerm)
constantTerm = KyberMath.vectorToVectorAdd(constantTerm, noiseTerm)
constantTerm = KyberMath.vectorToVectorAdd(constantTerm, muse)

//Security Feature
muse.fill(0, 0, muse.lastIndex)

val encodedCoefficients = ByteArray(KyberConstants.N_BYTES * (parameter.DU * parameter.K))
val encodedTerms = ByteArray(KyberConstants.N_BYTES * parameter.DV)

Expand Down
15 changes: 13 additions & 2 deletions src/commonMain/kotlin/asia/hombre/kyber/KyberKeyGenerator.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,17 +61,22 @@ class KyberKeyGenerator {

val seeds = sha3512.digest(byteArray)

//Security Features
sha3512.reset()
byteArray.fill(Byte.MIN_VALUE, 0, byteArray.lastIndex)

val nttSeed = seeds.copyOfRange(0, 32)
val cbdSeed = seeds.copyOfRange(32, 64)

seeds.fill(0, 0, seeds.lastIndex) //Security Feature

val matrix = Array(parameter.K) { Array(parameter.K) { ShortArray(KyberConstants.N) } }
val secretVector = Array(parameter.K) { ShortArray(KyberConstants.N) }
val noiseVector = Array(parameter.K) { ShortArray(KyberConstants.N) }

for((nonce, i) in (0..<parameter.K).withIndex()) {
for(j in 0..<parameter.K) {
for(j in 0..<parameter.K)
matrix[i][j] = KyberMath.sampleNTT(KyberMath.xof(nttSeed, i.toByte(), j.toByte()))
}

secretVector[i] = KyberMath.samplePolyCBD(
parameter.ETA1,
Expand All @@ -86,6 +91,8 @@ class KyberKeyGenerator {
noiseVector[i] = KyberMath.NTT(noiseVector[i])
}

cbdSeed.fill(Byte.MIN_VALUE, 0, cbdSeed.lastIndex) //Security Feature

//Transposed ? Old Kyber v3
val systemVector = KyberMath.vectorAddition(
KyberMath.nttMatrixToVectorDot(matrix, secretVector, true),
Expand All @@ -96,6 +103,10 @@ class KyberKeyGenerator {
val decryptionKeyBytes = ByteArray(parameter.DECRYPTION_KEY_LENGTH)

for(i in 0..<parameter.K) {
//Security Features
for(j in 0..<parameter.K) matrix[i][j].fill(0, 0, matrix[i][j].lastIndex)
noiseVector[i].fill(0, 0, noiseVector[i].lastIndex)

KyberMath.byteEncode(KyberMath.montVectorToVector(systemVector[i]), 12)
.copyInto(encryptionKeyBytes, i * KyberConstants.ENCODE_SIZE)
KyberMath.byteEncode(KyberMath.montVectorToVector(secretVector[i]), 12)
Expand Down
4 changes: 4 additions & 0 deletions src/commonMain/kotlin/asia/hombre/kyber/internal/KyberMath.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -149,6 +149,8 @@ internal class KyberMath {
i += 3
}

bytes.fill(0, 0, bytes.lastIndex) //Security Feature

return nttCoefficients
}

Expand All @@ -157,6 +159,8 @@ internal class KyberMath {
val f = ShortArray(KyberConstants.N)
val bits = bytesToBits(bytes)

bytes.fill(0, 0, bytes.lastIndex) //Security Feature

for(i in 0..<KyberConstants.N) {
var x = 0
var y = 0
Expand Down

0 comments on commit 5356baf

Please sign in to comment.