Go to file
2024-05-31 21:51:37 +00:00
lib initial import 2024-05-31 10:59:58 +00:00
wycheproof wycheproof: hide debug output behind -v flag 2024-05-31 16:53:05 +00:00
.gitignore Make .gitignore ignore all the obj/ directories 2024-05-31 11:48:43 +00:00
aead_chacha20_poly1305.c aead: implement ChaCha20-Poly1305 open 2024-05-31 16:46:05 +00:00
aead.c initial import 2024-05-31 10:59:58 +00:00
aead.h initial import 2024-05-31 10:59:58 +00:00
auth_poly1305.c initial import 2024-05-31 10:59:58 +00:00
auth_poly1305.h initial import 2024-05-31 10:59:58 +00:00
auth.c initial import 2024-05-31 10:59:58 +00:00
auth.h initial import 2024-05-31 10:59:58 +00:00
cipher_chacha20.c initial import 2024-05-31 10:59:58 +00:00
cipher_chacha20.h initial import 2024-05-31 10:59:58 +00:00
cipher.c initial import 2024-05-31 10:59:58 +00:00
cipher.h initial import 2024-05-31 10:59:58 +00:00
ct.c initial import 2024-05-31 10:59:58 +00:00
impl_chacha20.c initial import 2024-05-31 10:59:58 +00:00
impl_chacha20.h initial import 2024-05-31 10:59:58 +00:00
impl_poly1305.c initial import 2024-05-31 10:59:58 +00:00
impl_poly1305.h initial import 2024-05-31 10:59:58 +00:00
lilcrypto.h util: make lc_scrub public 2024-05-31 21:51:37 +00:00
Makefile initial import 2024-05-31 10:59:58 +00:00
Makefile.inc initial import 2024-05-31 10:59:58 +00:00
README initial import 2024-05-31 10:59:58 +00:00
util.c util: make lc_scrub public 2024-05-31 21:51:37 +00:00
util.h util: make lc_scrub public 2024-05-31 21:51:37 +00:00
wycheproof_aead.c wycheproof: hide debug output behind -v flag 2024-05-31 16:53:05 +00:00

lilcrypto
=========

> They see me rollin', they hatin'.

Experiment on rolling my own crypto. Kinda. I'm not creating any new
protocol, but implementing known algorithms and constructions. The main
focus is to understand how to implement the math behind the algorithms,
and to get to know the constructions better.

Algorithms
==========

Utilities
---------

- Constant-time operations
  - [/] compare: returns `0` if match, non-`0` otherwise. The non-`0`
    case might leak information. Would be better to return `0xffffffff`
    if match, `0` otherwise.

Authentication
--------------

- [x] Poly1305
- [ ] SHA-512 (needed for Ed25519)

Ciphers
-------

- [x] ChaCha20
- [ ] XChaCha20

AEAD
----

- [/] ChaCha20-Poly1305 (missing aead_open)
- [ ] XChaCha20-Poly1305

ECC
---

- Curve25519
  - [ ] Ed25519 (EdDSA)
  - [ ] X25519 (ECDH)

Nice-to-haves
=============

Utilities
---------

- [ ] Portable Makefile
- [ ] NaCl interface
- [ ] signify interface

Authentication
--------------

- [ ] GMAC

Ciphers
-------

- [ ] AES
- [ ] Camellia
- [ ] Salsa20 (no Wycheproof test vector suite)
- [ ] XSalsa20 (no Wycheproof test vector suite)

AEAD
----

- [ ] AES-GCM
- [ ] Camellia-GCM
- [ ] Salsa20-Poly1305 (no Wycherproof test vector suite)
- [ ] XSalsa20-Poly1305 (no Wycherproof test vector suite)

KDF?
----