lilcrypto
=========
> They see me rollin', they hatin'.
Experiment on rolling my own crypto. Kinda. I'm not creating any new
protocol, but implementing known algorithms and constructions. The main
focus is to understand how to implement the math behind the algorithms,
and to get to know the constructions better.
Algorithms
==========
Utilities
---------
- Constant-time operations
- [x] compare
Hash
----
- [x] SHA-224
- [x] SHA-256
- [x] SHA-384
- [x] SHA-512 (needed for Ed25519)
Authentication
--------------
- [x] HMAC
- [x] Poly1305
Ciphers
-------
- [x] ChaCha20
- [x] XChaCha20
AEAD
----
- [x] ChaCha20-Poly1305
- [x] XChaCha20-Poly1305
ECC
---
- Curve25519
- [ ] Ed25519 (EdDSA)
- [ ] X25519 (ECDH)
Nice-to-haves
=============
Utilities
---------
- [ ] Portable Makefile
- [ ] NaCl interface
- [ ] signify interface
Hash
----
- [ ] SHA-512/224 & SHA-512/256 (most of the work done)
Authentication
--------------
- [ ] GMAC
Ciphers
-------
- [ ] AES
- [ ] Camellia
- [ ] Salsa20 (no Wycheproof test vector suite)
- [ ] XSalsa20 (no Wycheproof test vector suite)
AEAD
----
- [ ] AES-GCM
- [ ] Camellia-GCM
- [ ] Salsa20-Poly1305 (no Wycherproof test vector suite)
- [ ] XSalsa20-Poly1305 (no Wycherproof test vector suite)
KDF
---
- [ ] HKDF