Crate dhkem

Source
Expand description

§RustCrypto: Diffie-Hellman-Based KEM

crate Docs Build Status Apache2/MIT licensed Rust Version Project Chat

Pure Rust implementation of the Diffie-Hellman-Based Key-Encapsulation Mechanism as described in the RFC9180 § 4.1.

Documentation

§About

Key Encapsulation Mechanisms (KEMs) provide a common API for establishing a symmetric key using public-key cryptography.

This crate implements a KEM-based API for elliptic curve Diffie-Hellman as specified for Hybrid Public Key Encryption (HPKE) which is described in RFC9180.

§⚠️ Security Warning

The implementation contained in this crate has never been independently audited!

USE AT YOUR OWN RISK!

§Minimum Supported Rust Version

This crate requires Rust 1.74 at a minimum.

We may change the MSRV in the future, but it will be accompanied by a minor version bump.

§License

Licensed under either of:

at your option.

§Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in the work by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.

§Diffie-Hellman (DH) based Key Encapsulation Mechanisms (KEM)

This crate provides a KEM interface for DH protocols as specified in RFC9180 without the shared secret extraction process.

In particular, Encaps(pk) in the RFC returns the encapsulated key and an extracted shared secret, while our implementation leaves the extraction process up to the user.

This type of KEM construction is currently being used in HPKE, as per the RFC, and in the current draft of the TLS KEM combiner.

§Supported elliptic curves

Support for specific elliptic curves is gated behind the following features:

  • k256: secp256k1
  • p256: NIST P-256
  • p384: NIST P-384
  • p521: NIST P-521

Structs§

DhDecapsulator
Newtype for a piece of data that may be decapsulated
DhEncapsulator
Newtype for a piece of data that may be encapsulated
EcdhKemecdh
Generic Elliptic Curve Diffie-Hellman KEM adapter compatible with curves implemented using traits from the elliptic-curve crate.
X25519Kemx25519
X22519 Diffie-Hellman KEM adapter.

Traits§

DhKem
This is a trait that all KEM models should implement, and should probably be promoted to the kem crate itself. It specifies the types of encapsulating and decapsulating keys created by key generation, the shared secret type, and the encapsulated key type

Type Aliases§

NistP256Kemp256
NIST P-256 ECDH KEM.
NistP384Kemp384
NIST P-384 ECDH KEM.
NistP521Kemp521
NIST P-521 ECDH KEM.
Secp256k1Kemk256
secp256k1 ECDH KEM.