dcrypt 1.2.3

dcrypt is a pure-Rust, software-only cryptography library providing both classical and post-quantum primitives with a focus on security, hybrid KEMs/signatures, and memory-safe, no-FFI design.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85

# B283K ('sect283k1') Elliptic Curve

This module provides a constant-time implementation of the `sect283k1` elliptic curve, a Koblitz curve defined over a binary field. The implementation is designed for security, with a focus on preventing timing-based side-channel attacks, making it suitable for cryptographic protocols like Elliptic Curve Diffie-Hellman (ECDH) key exchange.

The `sect283k1` curve is specified by SECG (Standards for Efficient Cryptography Group) and offers a security level of approximately 141 bits.

### Curve Parameters

*   **Curve Equation**: `y² + xy = x³ + 1`
*   **Base Field**: `GF(2^283)` (a binary field with 2^283 elements)
*   **Irreducible Polynomial**: `x^283 + x^12 + x^7 + x^5 + 1`

## Core Features

*   **Constant-Time Implementation**: All cryptographic operations involving secret data, such as scalar multiplication, are designed to execute in constant time, protecting against timing side-channel attacks.
*   **Key Generation**: Provides the `generate_keypair` function to securely create `(private_key, public_key)` pairs suitable for ECDH.
*   **Scalar Multiplication**: Offers efficient and secure scalar multiplication functions:
    *   `scalar_mult_base_g`: Fixed-base multiplication with the curve's standard generator point (G), used for deriving a public key from a private key.
    *   `scalar_mult`: Variable-base multiplication, which is the core operation for computing the shared secret in an ECDH exchange.
*   **Point Arithmetic**: Implements fundamental point operations, including addition and doubling, using efficient algorithms.
*   **Point Serialization**: Supports both compressed and uncompressed point serialization formats.
    *   **Uncompressed**: `0x04 || x || y` (73 bytes)
    *   **Compressed**: `0x02/0x03 || x` (37 bytes), where the prefix disambiguates the y-coordinate.
*   **ECDH Key Exchange Support**: Includes a dedicated Key Derivation Function (KDF), `kdf_hkdf_sha384_for_ecdh_kem`, to securely derive a shared symmetric key from the raw ECDH shared secret point.

## Primary Use Case: ECDH Key Exchange

The main application of the `b283k` primitives is to establish a shared secret between two parties. The following example demonstrates how Alice and Bob can perform an ECDH key exchange.

```rust
use dcrypt::algorithms::ec::b283k::{self, Point, Scalar};
use rand::rngs::OsRng;

fn main() -> Result<(), dcrypt_algorithms::error::Error> {
    // 1. Alice generates her keypair.
    let (alice_private_key, alice_public_key) = b283k::generate_keypair(&mut OsRng)?;

    // 2. Bob generates his keypair.
    let (bob_private_key, bob_public_key) = b283k::generate_keypair(&mut OsRng)?;

    // 3. Alice computes the shared secret point using her private key and Bob's public key.
    let alice_shared_secret_point = b283k::scalar_mult(&alice_private_key, &bob_public_key)?;

    // 4. Bob computes the shared secret point using his private key and Alice's public key.
    let bob_shared_secret_point = b283k::scalar_mult(&bob_private_key, &alice_public_key)?;

    // Both parties will arrive at the same point on the curve.
    assert_eq!(alice_shared_secret_point, bob_shared_secret_point);

    // 5. To create a symmetric key, both parties use the x-coordinate of the shared point
    //    as input to a Key Derivation Function (KDF).
    let ikm = alice_shared_secret_point.x_coordinate_bytes();
    let info = Some(b"ecdh-with-b283k-context".as_slice());

    let alice_derived_key = b283k::kdf_hkdf_sha384_for_ecdh_kem(&ikm, info)?;
    let bob_derived_key = b283k::kdf_hkdf_sha384_for_ecdh_kem(&ikm, info)?;

    assert_eq!(alice_derived_key, bob_derived_key);

    println!("ECDH key exchange successful!");
    println!("Derived Symmetric Key (first 16 bytes): {}", hex::encode(&alice_derived_key[..16]));

    Ok(())
}
```

## API Overview

The `b283k` module exposes a concise and secure API for developers:

*   **`Point`**: Represents a point on the `sect283k1` curve. It handles all point-related arithmetic, validation, and serialization.
*   **`Scalar`**: Represents a value in the scalar field (an integer modulo the curve's order `n`). This type is used for private keys. It ensures that all values are valid and handles modular arithmetic securely.
*   **`generate_keypair`**: The recommended way to create a new key pair.
*   **`scalar_mult`**: Computes `k * P`, where `k` is a `Scalar` and `P` is a `Point`. This is the core function for ECDH.
*   **`kdf_hkdf_sha384_for_ecdh_kem`**: Derives a secure 48-byte symmetric key from a shared secret point using HKDF-SHA384.

## Benchmarks

Performance benchmarks for all core `sect283k1` operations are available in `benches/b283k.rs`. These benchmarks measure the performance of:

*   Field arithmetic (`add`, `mul`, `square`, `invert`)
*   Point operations (`add`, `double`, `scalar_mul`)
*   Point compression and decompression
*   Keypair generation
*   Full ECDH shared secret computation