2021SC@SDUSC

liboqs

liboqs 是量子安全加密算法的开源 C 库。

liboqs提供：

量子安全密钥封装机制（KEM）和数字签名算法的开源实现集合（参见受支持的算法列表）)
这些算法的常见 API
测试线束和基准测试程序

概述

开源。liboqs 是根据麻省理工学院许可证发布的量子安全加密算法的 C 库。liboqs 包含一些外部组件，这些组件使用不同的许可证。

多平台。liboqs 建立在 Linux、macOS 和 Windows 上，支持 x86 和 ARM 架构，以及 clang、gcc 和微软编译器。工具链可用于交叉编译到其他平台。

常见的API。liboqs 使用通用的 API 进行量子后密钥封装和签名算法，因此在算法之间切换变得容易。我们的 API 紧跟 NIST/SUPERCOP API，并具有一些额外的包装和数据结构。

测试和基准测试。liboqs 包括测试线束和基准程序，用于比较共同框架中量子后实现的性能。

应用程序集成。我们提供将 liboqs 集成到一系列加密应用程序和协议的叉子中。

语言包装。来自 liboqs 的量子后算法可用于使用所提供的包装的其他各种编程语言。

liboq 中的量子后算法实现源自团队提交给 NIST 后量子密码学标准化项目的参考和优化代码。
liboq的实例程序

/** example_kem.c** Minimal example of a Diffie-Hellman-style post-quantum key encapsulation* implemented in liboqs.** SPDX-License-Identifier: MIT*/#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>#include <oqs/oqs.h>/* Cleaning up memory etc */
void cleanup_stack(uint8_t *secret_key, size_t secret_key_len,uint8_t *shared_secret_e, uint8_t *shared_secret_d,size_t shared_secret_len);void cleanup_heap(uint8_t *secret_key, uint8_t *shared_secret_e,uint8_t *shared_secret_d, uint8_t *public_key,uint8_t *ciphertext, OQS_KEM *kem);/* This function gives an example of the operations performed by both* the decapsulator and the encapsulator in a single KEM session,* using only compile-time macros and allocating variables* statically on the stack, calling a specific algorithm's functions* directly.** The macros OQS_KEM_frodokem_640_aes_length_* and the functions* OQS_KEM_frodokem_640_aes_* are only defined if the algorithm* FrodoKEM-640-AES was enabled at compile-time which must be* checked using the OQS_ENABLE_KEM_frodokem_640_aes macro.** <oqs/oqsconfig.h>, which is included in <oqs/oqs.h>, contains macros* indicating which algorithms were enabled when this instance of liboqs* was compiled.*/
static OQS_STATUS example_stack(void) {#ifndef OQS_ENABLE_KEM_frodokem_640_aes // if FrodoKEM-640-AES was not enabled at compile-timeprintf("[example_stack] OQS_KEM_frodokem_640_aes was not enabled at ""compile-time.\n");return OQS_ERROR;
#elseuint8_t public_key[OQS_KEM_frodokem_640_aes_length_public_key];uint8_t secret_key[OQS_KEM_frodokem_640_aes_length_secret_key];uint8_t ciphertext[OQS_KEM_frodokem_640_aes_length_ciphertext];uint8_t shared_secret_e[OQS_KEM_frodokem_640_aes_length_shared_secret];uint8_t shared_secret_d[OQS_KEM_frodokem_640_aes_length_shared_secret];OQS_STATUS rc = OQS_KEM_frodokem_640_aes_keypair(public_key, secret_key);if (rc != OQS_SUCCESS) {fprintf(stderr, "ERROR: OQS_KEM_frodokem_640_aes_keypair failed!\n");cleanup_stack(secret_key, OQS_KEM_frodokem_640_aes_length_secret_key,shared_secret_e, shared_secret_d,OQS_KEM_frodokem_640_aes_length_shared_secret);return OQS_ERROR;}rc = OQS_KEM_frodokem_640_aes_encaps(ciphertext, shared_secret_e, public_key);if (rc != OQS_SUCCESS) {fprintf(stderr, "ERROR: OQS_KEM_frodokem_640_aes_encaps failed!\n");cleanup_stack(secret_key, OQS_KEM_frodokem_640_aes_length_secret_key,shared_secret_e, shared_secret_d,OQS_KEM_frodokem_640_aes_length_shared_secret);return OQS_ERROR;}rc = OQS_KEM_frodokem_640_aes_decaps(shared_secret_d, ciphertext, secret_key);if (rc != OQS_SUCCESS) {fprintf(stderr, "ERROR: OQS_KEM_frodokem_640_aes_decaps failed!\n");cleanup_stack(secret_key, OQS_KEM_frodokem_640_aes_length_secret_key,shared_secret_e, shared_secret_d,OQS_KEM_frodokem_640_aes_length_shared_secret);return OQS_ERROR;}printf("[example_stack] OQS_KEM_frodokem_640_aes operations completed.\n");return OQS_SUCCESS; // success!
#endif
}/* This function gives an example of the operations performed by both* the decapsulator and the encapsulator in a single KEM session,* allocating variables dynamically on the heap and calling the generic* OQS_KEM object.** This does not require the use of compile-time macros to check if the* algorithm in question was enabled at compile-time; instead, the caller* must check that the OQS_KEM object returned is not NULL.*/
static OQS_STATUS example_heap(void) {OQS_KEM *kem = NULL;uint8_t *public_key = NULL;uint8_t *secret_key = NULL;uint8_t *ciphertext = NULL;uint8_t *shared_secret_e = NULL;uint8_t *shared_secret_d = NULL;kem = OQS_KEM_new(OQS_KEM_alg_frodokem_640_aes);if (kem == NULL) {printf("[example_heap]  OQS_KEM_frodokem_640_aes was not enabled at ""compile-time.\n");return OQS_ERROR;}public_key = malloc(kem->length_public_key);secret_key = malloc(kem->length_secret_key);ciphertext = malloc(kem->length_ciphertext);shared_secret_e = malloc(kem->length_shared_secret);shared_secret_d = malloc(kem->length_shared_secret);if ((public_key == NULL) || (secret_key == NULL) || (ciphertext == NULL) ||(shared_secret_e == NULL) || (shared_secret_d == NULL)) {fprintf(stderr, "ERROR: malloc failed!\n");cleanup_heap(secret_key, shared_secret_e, shared_secret_d, public_key,ciphertext, kem);return OQS_ERROR;}OQS_STATUS rc = OQS_KEM_keypair(kem, public_key, secret_key);if (rc != OQS_SUCCESS) {fprintf(stderr, "ERROR: OQS_KEM_keypair failed!\n");cleanup_heap(secret_key, shared_secret_e, shared_secret_d, public_key,ciphertext, kem);return OQS_ERROR;}rc = OQS_KEM_encaps(kem, ciphertext, shared_secret_e, public_key);if (rc != OQS_SUCCESS) {fprintf(stderr, "ERROR: OQS_KEM_encaps failed!\n");cleanup_heap(secret_key, shared_secret_e, shared_secret_d, public_key,ciphertext, kem);return OQS_ERROR;}rc = OQS_KEM_decaps(kem, shared_secret_d, ciphertext, secret_key);if (rc != OQS_SUCCESS) {fprintf(stderr, "ERROR: OQS_KEM_decaps failed!\n");cleanup_heap(secret_key, shared_secret_e, shared_secret_d, public_key,ciphertext, kem);return OQS_ERROR;}printf("[example_heap]  OQS_KEM_frodokem_640_aes operations completed.\n");cleanup_heap(secret_key, shared_secret_e, shared_secret_d, public_key,ciphertext, kem);return OQS_SUCCESS; // success
}int main(void) {if (example_stack() == OQS_SUCCESS && example_heap() == OQS_SUCCESS) {return EXIT_SUCCESS;} else {return EXIT_FAILURE;}
}void cleanup_stack(uint8_t *secret_key, size_t secret_key_len,uint8_t *shared_secret_e, uint8_t *shared_secret_d,size_t shared_secret_len) {OQS_MEM_cleanse(secret_key, secret_key_len);OQS_MEM_cleanse(shared_secret_e, shared_secret_len);OQS_MEM_cleanse(shared_secret_d, shared_secret_len);
}void cleanup_heap(uint8_t *secret_key, uint8_t *shared_secret_e,uint8_t *shared_secret_d, uint8_t *public_key,uint8_t *ciphertext, OQS_KEM *kem) {if (kem != NULL) {OQS_MEM_secure_free(secret_key, kem->length_secret_key);OQS_MEM_secure_free(shared_secret_e, kem->length_shared_secret);OQS_MEM_secure_free(shared_secret_d, kem->length_shared_secret);}OQS_MEM_insecure_free(public_key);OQS_MEM_insecure_free(ciphertext);OQS_KEM_free(kem);
}

2021SC@SDUSC 量子加密库libqs相关推荐

2021SC@SDUSC PALISADE开源库（二）CKKS讲解系列（一）普通编码和解码
2021SC@SDUSC 目录介绍 CKKS编码普通编码例子相关代码执行(重要) 编码器和解码器的实现过程: 具体分析[假设输入的向量的(1,2,3,4)] 测试过程同态操作(编码和解码) ...
@2021SC@SDUSC 源码分析: core/lib/encoding
2021SC@SDUSC 看一看估计标准偏差过程是怎么样的 // Estimate standard deviation using the imaginary part of decoded vec ...
山东大学软件实验课程-Ebiten-基于go语言实现的2D游戏库源码分析第一篇-综述 2021SC@SDUSC
2021SC@SDUSC 目录一.项目综述二.go语言安装及环境配置 1.Go的安装 2.IDE的使用三.小组内成员分工一.项目综述 Ebiten 是Go 编程语言的开源游戏库.Ebiten ...
2021SC@SDUSC 后量子密码NTRU的参考实现
2021SC@SDUSC PQ Crypto Catalog https://github.com/kriskwiatkowski/pqc 提交给 NIST PQC 标准化流程的量子安全签名和 KEM ...
@2021SC@SDUSC 源码分析: 格加密模块的初窥
2021SC@SDUSC 这次对格密码层进行一个分析首先可以看到格密码层也是分了相当多的文件从名字上直观认识,大多都是数学后端上功能以及一些辅助的运算模块先来看看lattice中的poly模块 ...
2021SC@SDUSC BRPC代码分析(七) —— bthread综述、Butex及mutex详解
2021SC@SDUSC 文章目录一.bthread的背景知识学习二.代码分析总结一.bthread的背景知识学习经过前面6篇代码分析,我将BRPC一个极其实用的工具--bvar做了全面系统 ...
2021SC@SDUSC山东大学软件学院软件工程应用与实践--YOLOV5代码分析（八）plots.py-1
2021SC@SDUSC 前言这篇分析plot.py文件,就如其名称一样,主要是一些用以展示的代码,也不是核心代码外部库 from copy import copy from pathlib im ...
＜2021SC@SDUSC＞【Overload游戏引擎】OvUI源码模块分析（二）——ImGui
<2021SC@SDUSC>[Overload游戏引擎]OvUI源码模块分析(二) 前言案例分析程序框架 1.基本案例 2.实现定制绑定/定制引擎渲染函数总结前言本篇我们来分析 ...
＜2021SC@SDUSC＞【Overload游戏引擎】OvUI源码模块分析（四）——ModulesPanels
<2021SC@SDUSC>[Overload游戏引擎]OvUI源码模块分析(四)--Modules&Panels 前言 Modules Canvas Panels APanel ...
＜2021SC@SDUSC＞【Overload游戏引擎】OvUI源码模块分析（一）——Core
<2021SC@SDUSC>[Overload游戏引擎]OvUI源码模块分析(一) 文章目录前言 OvUI的模块结构源码分析 1.Core模块 (1)UIManger的构造函数和析构函 ...

2021SC@SDUSC 量子加密库libqs

liboqs

概述

2021SC@SDUSC 量子加密库libqs相关推荐

最新文章

热门文章