Lucas Gabriel Vuotto
35258f2b67
Going for 2^136 doesn't give anything extra, and is one additional addition. |
||
---|---|---|
lib | ||
wycheproof | ||
.gitignore | ||
aead_chacha20_poly1305.c | ||
aead.c | ||
auth_hmac.c | ||
auth_poly1305.c | ||
auth.c | ||
cipher_chacha20.c | ||
cipher.c | ||
ct.c | ||
hash_sha224_sha256.c | ||
hash_sha384_sha512.c | ||
hash.c | ||
impl_chacha20.c | ||
impl_poly1305.c | ||
impl_sha256.c | ||
impl_sha512.c | ||
internal.h | ||
kdf_hkdf.c | ||
kdf.c | ||
lilcrypto.h | ||
Makefile | ||
Makefile.inc | ||
README | ||
util.c | ||
util.h | ||
wycheproof_aead.c | ||
wycheproof_hkdf.c | ||
wycheproof_mac.c |
lilcrypto ========= > They see me rollin', they hatin'. Experiment on rolling my own crypto. Kinda. I'm not creating any new protocol, but implementing known algorithms and constructions. The main focus is to understand how to implement the math behind the algorithms, and to get to know the constructions better. Algorithms ========== Utilities --------- - Constant-time operations - [x] compare - [x] mask32: return a 1s mask if any bit is set, 0 otherwise - Hexdump Hash ---- - [x] SHA-224 - [x] SHA-256 - [x] SHA-384 - [x] SHA-512 - [x] SHA-512/224 & SHA-512/256 Authentication -------------- - [x] HMAC - [x] Poly1305 Ciphers ------- - [x] ChaCha20 - [x] XChaCha20 AEAD ---- - [x] ChaCha20-Poly1305 - [x] XChaCha20-Poly1305 ECC --- - Curve25519 - [ ] Ed25519 (EdDSA) - [ ] X25519 (ECDH) KDF --- - [x] HKDF Nice-to-haves ============= Utilities --------- - [ ] Portable Makefile - [ ] NaCl interface - [ ] signify interface Hash ---- Authentication -------------- - [ ] GMAC Ciphers ------- - [ ] AES - [ ] Camellia - [ ] Salsa20 (no Wycheproof test vector suite) - [ ] XSalsa20 (no Wycheproof test vector suite) AEAD ---- - [ ] AES-GCM - [ ] Camellia-GCM - [ ] Salsa20-Poly1305 (no Wycheproof test vector suite) - [ ] XSalsa20-Poly1305 (no Wycheproof test vector suite)